You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Log_Forging issue exists @ SigningAssignment.java in branch main
Method completed at line 64 of /webgoat-lessons/crypto/src/main/java/org/owasp/webgoat/crypto/SigningAssignment.java gets user input from element modulus. This element’s value flows through the code without being properly sanitized or validated, and is eventually used in writing an audit log in completed at line 73 of /webgoat-lessons/crypto/src/main/java/org/owasp/webgoat/crypto/SigningAssignment.java.
Log_Forging issue exists @ SigningAssignment.java in branch main
Method completed at line 64 of /webgoat-lessons/crypto/src/main/java/org/owasp/webgoat/crypto/SigningAssignment.java gets user input from element modulus. This element’s value flows through the code without being properly sanitized or validated, and is eventually used in writing an audit log in completed at line 73 of /webgoat-lessons/crypto/src/main/java/org/owasp/webgoat/crypto/SigningAssignment.java.
This may enable Log Forging.
Namespace: nitinp1
Repository: WebGoat
Repository Url: https://github.com/nitinp1/WebGoat
CxAST-Project: nitinp1/WebGoat
CxAST platform scan: 371cf28e-43c8-4e90-86fa-65d2f0911dc1
Branch: main
Application: WebGoat
Severity: LOW
State: TO_VERIFY
Status: RECURRENT
CWE: 117
Lines: 64
References
Read more
The text was updated successfully, but these errors were encountered: