Mend SAST Alert (Scan-JavaVulnerableSASTGitHubTickets-2022/12/07 05:58:46 PM)

[wrbejar01]

Mend SAST Results (Scan-JavaVulnerableSASTGitHubTickets-2022/12/07 05:58:46 PM):
Found 173 vulnerabilities
Found 107 high severity findings
Found 32 medium severity findings

Languages: Java JavaScript / Node.js

Scan Duration: 00:01:30
Total Vulnerabilities: 173

Found vulnerability types:

Language: Java

• (High Severity) SQL Injection: 37
• (High Severity) XPath Injection: 2
• (High Severity) Code Injection: 2
• (High Severity) Path/Directory Traversal: 11
• (High Severity) File Manipulation: 1
• (High Severity) Cross-Site Scripting: 54
• (Medium Severity) Hardcoded Password/Credentials: 1
• (Medium Severity) Weak Pseudo-Random: 1
• (Medium Severity) Heap Inspection: 13
• (Medium Severity) Trust Boundary Violation: 11
• (Medium Severity) Error Messages Information Exposure: 3
• (Low Severity) Unvalidated/Open Redirect: 1
• (Low Severity) Weak Hash Strength: 1
• (Low Severity) HTTP Header Injection: 3
• (Low Severity) Cookie Injection: 4
• (Low Severity) Session Poisoning: 11
• (Low Severity) Arbitrary Server Connection: 14
  Language: JavaScript / Node.js
• (Medium Severity) Hardcoded Password/Credentials: 3

Scan URL: https://saas.whitesourcesoftware.com/sast/#/scans/5c506357-7859-41fc-8dc6-8dc76e868958/details
API Scan URL: https://saas.whitesourcesoftware.com/sast/api/scans/5c506357-7859-41fc-8dc6-8dc76e868958