wwesleyalves / bodgeit


CX CSRF @ root/contact.jsp [main] #69

Open wwesleyalves opened 1 year ago

wwesleyalves commented 1 year ago

CSRF issue exists @ root/contact.jsp in branch main

Method comments at line 11 of root\contact.jsp gets a parameter from a user request from "comments". This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).

Similarity ID: -400145630

Severity: Medium

CWE:352

Vulnerability details and guidance

Checkmarx


Lines: 11


Code (Line #11):

String comments = (String) request.getParameter("comments");

wwesleyalves commented 1 year ago

Issue still exists.