Release/2.8.0 #3051
Release/2.8.0 #3051
7 new alerts including 7 medium severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 7 medium
Alerts not introduced by this pull request might have been detected because the code changes were too large.
See annotations below for details.
Annotations
Check warning on line 87 in src/br/org/scadabr/vo/exporter/ZIPProjectManager.java
Code scanning / CodeQL
HTTP response splitting Medium
, which may cause a response-splitting vulnerability.
Check warning on line 152 in src/com/serotonin/mango/web/servlet/HttpDataSourceServlet.java
Code scanning / CodeQL
Cross-site scripting Medium
.
Check warning on line 160 in src/com/serotonin/mango/web/servlet/HttpDataSourceServlet.java
Code scanning / CodeQL
Cross-site scripting Medium
.
Check warning on line 451 in src/org/scada_lts/web/mvc/api/PointValueAPI.java
Code scanning / CodeQL
Cross-site scripting Medium
.
Check warning on line 486 in src/org/scada_lts/web/mvc/api/PointValueAPI.java
Code scanning / CodeQL
Cross-site scripting Medium
.
Check warning on line 518 in src/org/scada_lts/web/mvc/api/PointValueAPI.java
Code scanning / CodeQL
Cross-site scripting Medium
.
Check warning on line 21 in src/org/scada_lts/web/ws/config/HeadersFromSystemSettingsWriter.java
Code scanning / CodeQL
HTTP response splitting Medium
, which may cause a response-splitting vulnerability.