westonphillips / CheckmarxOnePOV

This repo will be used for Checkmarx ONE POV
MIT License

Reflected_XSS @ recycles.ts #118

Open westonphillips opened 1 year ago

westonphillips commented 1 year ago

Reflected_XSS issue exists @ recycles.ts in branch main

The method Lambda embeds untrusted data in generated output with send, at line 15 of /routes/recycles.ts. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.

The attacker would be able to alter the returned web page by simply providing modified data in the user input id, which is read by the Lambda method at line 12 of /routes/recycles.ts. This input then flows through the code straight to the output web page, without sanitization. 

This can enable a Reflected Cross-Site Scripting (XSS) attack.

Namespace: westonphillips
Repository: CheckmarxOnePOV
Repository Url: https://github.com/westonphillips/CheckmarxOnePOV
CxAST-Project: westonphillips/CheckmarxOnePOV
CxAST platform scan: 6a8170d0-38fa-4efc-81df-42628474102c
Branch: main
Application: CheckmarxOnePOV
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: 79
Lines: 12
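The finding above describes a source-to-sink flow (user input `id` read in the handler at line 12, reflected through `send` at line 15) without showing the handler itself. The block below is an added example, not code from this repository or from Checkmarx: it reproduces the vulnerable shape the finding describes in an Express-style route and puts two hardened forms beside it. The request/response objects are hand-rolled stand-ins for Express's `req.params` and `res.send`/`res.type` so the file runs offline; the assumption that `id` arrives as a route parameter and should be numeric is mine, not something the finding states.

```typescript
// Added example (assumed handler shape, not the repo's routes/recycles.ts).
// Minimal stand-ins for the Express request/response surface the finding refers to.
type RouteRequest = { params: { id?: string } };
type RouteResponse = {
  body: string;
  contentType: string;
  type(ct: string): RouteResponse;   // mimics Express res.type()
  send(payload: string): RouteResponse; // mimics Express res.send()
};

function makeResponse(): RouteResponse {
  // Express defaults a string body to text/html, which is what makes a raw
  // reflection render as markup; the stand-in keeps that default.
  const res: RouteResponse = {
    body: "",
    contentType: "text/html",
    type(ct: string) { res.contentType = ct; return res; },
    send(payload: string) { res.body = payload; return res; },
  };
  return res;
}

// Vulnerable shape: untrusted `id` is concatenated into an HTML body unchanged.
function vulnerableHandler(req: RouteRequest, res: RouteResponse): RouteResponse {
  const id = req.params.id ?? "";
  return res.send(`<p>Recycle ${id} not found</p>`);
}

// Encode the characters that can switch HTML context (the OWASP entity-encoding rule).
const HTML_ESCAPES: Record<string, string> = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;",
};
function escapeHtml(s: string): string {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Hardened form 1: same HTML response, reflected value entity-encoded at the sink.
function encodedHandler(req: RouteRequest, res: RouteResponse): RouteResponse {
  const id = req.params.id ?? "";
  return res.send(`<p>Recycle ${escapeHtml(id)} not found</p>`);
}

// Hardened form 2: validate `id` against the expected format (numeric, an assumption)
// and answer with JSON, so the browser never parses the echoed value as markup.
function validatedJsonHandler(req: RouteRequest, res: RouteResponse): RouteResponse {
  const id = req.params.id ?? "";
  if (!/^\d{1,10}$/.test(id)) {
    return res.type("application/json").send(JSON.stringify({ error: "invalid id" }));
  }
  return res.type("application/json").send(JSON.stringify({ error: "not found", id: Number(id) }));
}

// Constructed probe payload (not taken from the scan) to exercise all three handlers.
const PAYLOAD = "<script>alert(document.domain)</script>";

function bodyContainsScriptTag(body: string): boolean {
  return /<script\b/i.test(body);
}

function demo() {
  const req: RouteRequest = { params: { id: PAYLOAD } };
  return {
    vulnerable: vulnerableHandler(req, makeResponse()).body,
    encoded: encodedHandler(req, makeResponse()).body,
    json: validatedJsonHandler(req, makeResponse()),
  };
}

const result = demo();
console.log("vulnerable:", result.vulnerable);
console.log("encoded:   ", result.encoded);
console.log("json:      ", result.json.contentType, result.json.body);
```

Of the two fixes, validation plus a non-HTML content type removes the sink entirely and is the one to prefer when the route has no reason to return markup; output encoding is the fallback when the response genuinely is HTML. Either way the change has to be at the line the scanner points to (the `send` at line 15), not somewhere upstream that the taint analysis may not recognise as a sanitizer.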