CX Unchecked_Input_for_Loop_Condition @ src/main/java/org/cysecurity/cspf/jvl/controller/xxe.java [refs/heads/master]

**Unchecked_Input_for_Loop_Condition** issue exists @ **src/main/java/org/cysecurity/cspf/jvl/controller/xxe.java** in branch **refs/heads/master**

*Method processRequest at line 44 of src\main\java\org\cysecurity\cspf\jvl\controller\xxe.java gets user input from element getInputStream . This element’s value flows through the code without being validated, and is eventually used in a loop condition in processRequest at line 53 of src\main\java\org\cysecurity\cspf\jvl\controller\xxe.java. This constitutes an Unchecked Input for Loop Condition.*

Severity: Medium

CWE:606

[Vulnerability details and guidance](https://cwe.mitre.org/data/definitions/606.html)

[Checkmarx](https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1007325&projectid=1350&pathid=257)

[Training](null)
[Recommended Fix](https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=1699&queryVersionCode=68484256&queryTitle=Unchecked_Input_for_Loop_Condition)

Lines: 44 

---
[Code (Line #44):](null#L44)
```
          InputStream xml=request.getInputStream();
```
---


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CX Unchecked_Input_for_Loop_Condition @ src/main/java/org/cysecurity/cspf/jvl/controller/xxe.java [refs/heads/master] #199

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

CX Unchecked_Input_for_Loop_Condition @ src/main/java/org/cysecurity/cspf/jvl/controller/xxe.java [refs/heads/master] #199

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions