CSRF issue exists @ src/main/webapp/vulnerability/idor/change-email.jsp in branch refs/heads/master
Method email=request.getParameter at line 27 of src\main\webapp\vulnerability\idor\change-email.jsp gets a parameter from a user request from ""email"". This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).
Severity: Medium
CWE:352
Vulnerability details and guidance
Checkmarx
Training
Recommended Fix
Lines: 27 28
Code (Line #27):
String email=request.getParameter("email");
Code (Line #28):
String id=request.getParameter("id");
CSRF issue exists @ src/main/webapp/vulnerability/idor/change-email.jsp in branch refs/heads/master
Method email=request.getParameter at line 27 of src\main\webapp\vulnerability\idor\change-email.jsp gets a parameter from a user request from ""email"". This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).
Severity: Medium
CWE:352
Vulnerability details and guidance
Checkmarx
Training
Recommended Fix
Lines: 27 28
Code (Line #27):
Code (Line #28):