CSRF issue exists @ src/main/java/org/cysecurity/cspf/jvl/controller/Register.java in branch refs/heads/master
Method processRequest at line 43 of src\main\java\org\cysecurity\cspf\jvl\controller\Register.java gets a parameter from a user request from ""username"". This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).
Severity: Medium
CWE:352
Vulnerability details and guidance
Checkmarx
Training
Recommended Fix
Lines: 43 44 45 46 47
Code (Line #43):
String user=request.getParameter("username");
Code (Line #44):
String pass=request.getParameter("password");
Code (Line #45):
String email=request.getParameter("email");
Code (Line #46):
String about=request.getParameter("About");
Code (Line #47):
String secret=request.getParameter("secret");
CSRF issue exists @ src/main/java/org/cysecurity/cspf/jvl/controller/Register.java in branch refs/heads/master
Method processRequest at line 43 of src\main\java\org\cysecurity\cspf\jvl\controller\Register.java gets a parameter from a user request from ""username"". This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).
Severity: Medium
CWE:352
Vulnerability details and guidance
Checkmarx
Training
Recommended Fix
Lines: 43 44 45 46 47
Code (Line #43):
Code (Line #44):
Code (Line #45):
Code (Line #46):
Code (Line #47):