wwesleyalves / bodgeit


CX Trust_Boundary_Violation_in_Session_Variables @ root/login.jsp [main] #1

Open wwesleyalves opened 1 year ago

wwesleyalves commented 1 year ago

Trust_Boundary_Violation_in_Session_Variables issue exists @ root/login.jsp in branch main

Method username at line 7 of root\login.jsp gets user input from element "username". This element’s value flows through the code without being properly sanitized or validated and is eventually stored in the server-side Session object, in session.setAttribute at line 22 of root\login.jsp. This constitutes a Trust Boundary Violation. Similarity ID: 1095145780

Method password at line 8 of root\login.jsp gets user input from element "password". This element’s value flows through the code without being properly sanitized or validated and is eventually stored in the server-side Session object, in session.setAttribute at line 22 of root\login.jsp. This constitutes a Trust Boundary Violation. Similarity ID: -1325632224

Method username at line 7 of root\login.jsp gets user input from element "username". This element’s value flows through the code without being properly sanitized or validated and is eventually stored in the server-side Session object, in session.setAttribute at line 24 of root\login.jsp. This constitutes a Trust Boundary Violation. Similarity ID: 1488761460

Method password at line 8 of root\login.jsp gets user input from element "password". This element’s value flows through the code without being properly sanitized or validated and is eventually stored in the server-side Session object, in session.setAttribute at line 24 of root\login.jsp. This constitutes a Trust Boundary Violation. Similarity ID: -932016544

Severity: Low

CWE:501

Vulnerability details and guidance

Checkmarx


Lines: 7 8


Code (Line #7):

String username = (String) request.getParameter("username");

Code (Line #8):

String password = (String) request.getParameter("password");

wwesleyalves commented 1 year ago

Issue still exists.
