westonphillips / CheckmarxOnePOV

This repo will be used for Checkmarx ONE POV
MIT License

Code_Injection @ trackOrder.ts #136

Open westonphillips opened 1 year ago

westonphillips commented 1 year ago

Code_Injection issue exists @ trackOrder.ts in branch main

The application's Lambda method receives and dynamically executes user-controlled code using id, at line 15 of /routes/trackOrder.ts. This could enable an attacker to inject and run arbitrary code.

The attacker can inject the executed code via user input, id, which is retrieved by the application in the Lambda method, at line 12 of /routes/trackOrder.ts.

Namespace: westonphillips
Repository: CheckmarxOnePOV
Repository Url: https://github.com/westonphillips/CheckmarxOnePOV
CxAST-Project: westonphillips/CheckmarxOnePOV
CxAST platform scan: 6a8170d0-38fa-4efc-81df-42628474102c
Branch: main
Application: CheckmarxOnePOV
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: 94
Lines: 12

