Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add 2-3 secured implementations for XXE vulnerability #410

Open
preetkaran20 opened this issue Oct 1, 2022 · 2 comments
Open

Add 2-3 secured implementations for XXE vulnerability #410

preetkaran20 opened this issue Oct 1, 2022 · 2 comments
Labels
good first issue Good for newcomers HacktoberFest

Comments

@preetkaran20
Copy link
Member

Is your feature request related to a problem? Please describe.
As main target for Vulnerable App is scanners so we need to find out false positives by Scanners such that they can improve on there scan rules. So in order to find out the false positives, we need to add more secured implementations.

Describe the solution you'd like
Add 2-3 more functions in https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/service/vulnerability/xxe/XXEVulnerability.java which are secure.
@Prince-1110
Copy link

If this issue is not resolved yet, can I work on it?

@preetkaran20
Copy link
Member Author

@Prince-1110 yes, you can work on it. I think there are few secure implementations of this vulnerability present in the class but not marked as secure so you can mark them as secure as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers HacktoberFest
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@preetkaran20 @Prince-1110