From 0f3942c766f8e354e4e7b801f3aa4d747e538dc6 Mon Sep 17 00:00:00 2001 From: Luis Rodriguez Date: Tue, 28 Apr 2026 11:12:58 +0200 Subject: [PATCH 1/2] feat(parsers): add Xygeni JSON parser (SAST, SCA, Secrets) Add a single first-party parser at dojo/tools/xygeni/ that handles three Xygeni JSON report kinds (SAST, SCA, Secrets) by dispatching on metadata.scanType. Mirrors the multi-scan-type pattern of rusty_hog, anchore_grype, checkmarx and sonarqube. Pre-approval: #14755 --- .../supported_tools/parsers/file/xygeni.md | 68 + dojo/tools/xygeni/__init__.py | 0 dojo/tools/xygeni/_common.py | 55 + dojo/tools/xygeni/parser.py | 67 + dojo/tools/xygeni/sast.py | 79 + dojo/tools/xygeni/sca.py | 77 + dojo/tools/xygeni/secrets.py | 49 + .../scans/xygeni/sast_many_findings.json | 13248 ++++++++++++++++ unittests/scans/xygeni/sast_no_findings.json | 16 + unittests/scans/xygeni/sca_many_findings.json | 11622 ++++++++++++++ unittests/scans/xygeni/sca_no_findings.json | 15 + .../scans/xygeni/secrets_many_findings.json | 1278 ++ .../scans/xygeni/secrets_no_findings.json | 15 + unittests/tools/test_xygeni_parser.py | 150 + 14 files changed, 26739 insertions(+) create mode 100644 docs/content/supported_tools/parsers/file/xygeni.md create mode 100644 dojo/tools/xygeni/__init__.py create mode 100644 dojo/tools/xygeni/_common.py create mode 100644 dojo/tools/xygeni/parser.py create mode 100644 dojo/tools/xygeni/sast.py create mode 100644 dojo/tools/xygeni/sca.py create mode 100644 dojo/tools/xygeni/secrets.py create mode 100644 unittests/scans/xygeni/sast_many_findings.json create mode 100644 unittests/scans/xygeni/sast_no_findings.json create mode 100644 unittests/scans/xygeni/sca_many_findings.json create mode 100644 unittests/scans/xygeni/sca_no_findings.json create mode 100644 unittests/scans/xygeni/secrets_many_findings.json create mode 100644 unittests/scans/xygeni/secrets_no_findings.json create mode 100644 unittests/tools/test_xygeni_parser.py 
diff --git a/docs/content/supported_tools/parsers/file/xygeni.md b/docs/content/supported_tools/parsers/file/xygeni.md
new file mode 100644
index 00000000000..b5e810820e0
--- /dev/null
+++ b/docs/content/supported_tools/parsers/file/xygeni.md
@@ -0,0 +1,68 @@
+---
+title: "Xygeni"
+toc_hide: true
+---
+### About Xygeni
+[Xygeni](https://xygeni.io) is a Software Supply Chain Security platform whose
+scanners produce JSON reports for code vulnerabilities (SAST), open-source
+dependency vulnerabilities (SCA), hard-coded secrets, IaC flaws, web-application
+vulnerabilities (DAST), CI/CD and SCM misconfigurations, and malicious or
+suspect components.
+
+This parser handles three Xygeni scan kinds in phase 1: **SAST**, **SCA**, and
+**Secrets**. All three share a common `metadata` envelope; the parser
+dispatches on `metadata.scanType`.
+
+### Scan Types
+| Scan type | `metadata.scanType` | Xygeni CLI command (typical) |
+| ------------------------ | ------------------- | ---------------------------- |
+| `Xygeni SAST Scan` | `sast` | `xygeni scan --scan-type=sast --format=json` |
+| `Xygeni SCA Scan` | `deps` | `xygeni scan --scan-type=deps --format=json` |
+| `Xygeni Secrets Scan` | `secrets` | `xygeni scan --scan-type=secrets --format=json` |
+
+See the Xygeni documentation at for installation and
+the full set of CLI options.
+
+### Acceptable JSON Format
+All three scan types share the same envelope:
+
+~~~
+{
+ "metadata": {
+ "uuid": "...",
+ "timestamp": "2026-04-26T07:08:29Z",
+ "projectName": "...",
+ "scanType": "sast" | "deps" | "secrets",
+ "format": "-xygeni",
+ "reportProperties": {
+ "tool.name": "Xygeni",
+ "tool.version": "..."
+ }
+ },
+ ...
+}
+~~~
+
+The kind-specific payload then follows:
+
+- **SAST** — `vulnerabilities[]` — each entry carries `detector` (the rule id),
+ `severity`, `location.{filepath, beginLine, endLine, code}`, `cwe` /
+ `cwes[]`, `tags[]`, `explanation`, `uniqueHash`, `issueId`, and an optional
+ `codeFlows[]` block describing source / sink frames and the data path.
+- **SCA** — `dependencies[]` — each dependency has `name`, `version`,
+ `ecosystem`, and a nested `vulnerabilities[]` of CVE/GHSA advisories with
+ `cve`, `cwes`, `fixedVersion`, `aliases`, `overallCvssScore`, `references`,
+ `description`, `uniqueHash`, `issueId`.
+- **Secrets** — `secrets[]` — each entry has `type` (e.g.
+ `aws_access_key`), `detector`, `severity`, `location` (same shape as SAST),
+ `description`, `tags`, `uniqueHash`, `issueId`. The `secret` value and
+ `location.code` are already redacted by the Xygeni CLI before serialisation.
+
+### Sample Scan Data
+Sample Xygeni JSON reports can be found
+[here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/xygeni).
+
+### Default Deduplication Hashcode Fields
+The parser sets `unique_id_from_tool` from each finding's vendor-stable
+`uniqueHash`, so re-importing the same Xygeni report does not duplicate
+findings. `vuln_id_from_tool` is set from `issueId`.
diff --git a/dojo/tools/xygeni/__init__.py b/dojo/tools/xygeni/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/dojo/tools/xygeni/_common.py b/dojo/tools/xygeni/_common.py
new file mode 100644
index 00000000000..c74e114304d
--- /dev/null
+++ b/dojo/tools/xygeni/_common.py
@@ -0,0 +1,55 @@
+"""Shared helpers for the Xygeni multi-scan-type parser."""
+
+import re
+
+SEVERITY_MAP = {
+ "critical": "Critical",
+ "high": "High",
+ "medium": "Medium",
+ "low": "Low",
+ "info": "Info",
+}
+
+_CWE_TAG_RE = re.compile(r"^CWE[:\-]?(\d+)$", re.IGNORECASE)
+
+
+def map_severity(value):
+ """Map a Xygeni lowercase severity to a DefectDojo severity. Unknown values become Info."""
+ if value is None:
+ return "Info"
+ return SEVERITY_MAP.get(str(value).lower(), "Info")
+
+
+def parse_cwe(cwes=None, cwe=None, tags=None):
+ """
+ Resolve a CWE integer from any of the Xygeni representations.
+
+ Preference order:
+ 1. The numeric ``cwe`` field on the finding.
+ 2. The first ``"CWE-N"`` entry in ``cwes``.
+ 3. The first ``"CWE:N"`` / ``"cwe:N"`` entry in ``tags``.
+ """
+ if isinstance(cwe, int):
+ return cwe
+ for entry in cwes or []:
+ match = _CWE_TAG_RE.match(str(entry))
+ if match:
+ return int(match.group(1))
+ for entry in tags or []:
+ match = _CWE_TAG_RE.match(str(entry))
+ if match:
+ return int(match.group(1))
+ return None
+
+
+def extract_scan_type(data):
+ """Read ``metadata.scanType`` from a Xygeni report. Raises ``ValueError`` if absent."""
+ if not isinstance(data, dict):
+ msg = "Xygeni report root must be a JSON object"
+ raise TypeError(msg)
+ metadata = data.get("metadata") or {}
+ scan_type = metadata.get("scanType")
+ if not scan_type:
+ msg = "Xygeni report is missing required 'metadata.scanType' field"
+ raise ValueError(msg)
+ return str(scan_type).lower()
diff --git a/dojo/tools/xygeni/parser.py b/dojo/tools/xygeni/parser.py
new file mode 100644
index 00000000000..83d4b1f9d97
--- /dev/null
+++ b/dojo/tools/xygeni/parser.py
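Review bot: `extract_scan_type` documents that it raises `ValueError` when `metadata.scanType` is absent, but a non-object root raises `TypeError` and a `metadata` value that is present yet not an object (a list or a string) raises `AttributeError` on `metadata.get`, so a malformed upload surfaces as an undocumented exception type. Normalising before the lookup keeps the contract honest: `metadata = data.get("metadata")` followed by `if not isinstance(metadata, dict): metadata = {}`, and the docstring should mention the `TypeError` for a non-object root. A second edge case in `parse_cwe`: `isinstance(cwe, int)` is also true for `bool`, so a report carrying `"cwe": true` is returned unchanged; `isinstance(cwe, int) and not isinstance(cwe, bool)` avoids that. Both are input-validation cases on untrusted report content rather than anything the fixtures exercise, so the added tests presumably do not cover them.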
@@ -0,0 +1,67 @@
+"""
+Parser for Xygeni JSON reports.
+
+Xygeni (https://xygeni.io) is a Software Supply Chain Security platform.
+It emits a separate JSON report per scanner kind (SAST, SCA, secrets, IaC,
+CI/CD misconfig, DAST, suspect dependencies, code tampering). All reports
+share a common ``metadata`` envelope with a ``scanType`` discriminator.
+
+Phase 1 of this parser handles SAST, SCA, and Secrets. Additional scan
+types are dispatched-on the same way and can be added incrementally.
+"""
+
+import json
+import logging
+
+from dojo.tools.xygeni._common import extract_scan_type
+from dojo.tools.xygeni.sast import parse_sast
+from dojo.tools.xygeni.sca import parse_sca
+from dojo.tools.xygeni.secrets import parse_secrets
+
+logger = logging.getLogger(__name__)
+
+
+SCAN_TYPE_SAST = "Xygeni SAST Scan"
+SCAN_TYPE_SCA = "Xygeni SCA Scan"
+SCAN_TYPE_SECRETS = "Xygeni Secrets Scan"
+
+# Map from the ``metadata.scanType`` value emitted by the Xygeni CLI to the
+# per-kind handler. Keys are lowercase, matching ``extract_scan_type``.
+_HANDLERS = {
+ "sast": parse_sast,
+ "deps": parse_sca,
+ "secrets": parse_secrets,
+}
+
+
+class XygeniParser:
+
+ """Single parser dispatching on ``metadata.scanType`` across Xygeni scan kinds."""
+
+ def get_scan_types(self):
+ return [SCAN_TYPE_SAST, SCAN_TYPE_SCA, SCAN_TYPE_SECRETS]
+
+ def get_label_for_scan_types(self, scan_type):
+ return scan_type
+
+ def get_description_for_scan_types(self, scan_type):
+ if scan_type == SCAN_TYPE_SAST:
+ return "Xygeni SAST JSON report (code vulnerabilities). Generated with 'xygeni scan --scan-type=sast'."
+ if scan_type == SCAN_TYPE_SCA:
+ return "Xygeni SCA JSON report (open-source dependency vulnerabilities). Generated with 'xygeni scan --scan-type=deps'."
+ if scan_type == SCAN_TYPE_SECRETS:
+ return "Xygeni Secrets JSON report (hard-coded secrets). Generated with 'xygeni scan --scan-type=secrets'."
+ return "Xygeni JSON report."
+
+ def get_findings(self, file, test):
+ data = json.load(file)
+ kind = extract_scan_type(data)
+ handler = _HANDLERS.get(kind)
+ if handler is None:
+ msg = (
+ f"Unsupported Xygeni scanType '{kind}'. "
+ f"Phase 1 supports: {sorted(_HANDLERS)}."
+ )
+ raise ValueError(msg)
+ logger.debug("Xygeni parser dispatching on scanType=%s", kind)
+ return handler(data, test)
diff --git a/dojo/tools/xygeni/sast.py b/dojo/tools/xygeni/sast.py
new file mode 100644
index 00000000000..1e7782e5100
--- /dev/null
+++ b/dojo/tools/xygeni/sast.py
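Review bot: `get_findings` dispatches solely on the report's own `metadata.scanType` and never compares it with the DefectDojo scan type the user selected, so a `deps` report uploaded as `Xygeni SAST Scan` (or any other mismatch) is imported silently under the wrong test type, and because the three handlers populate different fields a later reimport under the correct type will not match those findings. If `test` exposes the selected type on this call path (on the DefectDojo model it is `test.test_type.name`; to be confirmed), map `kind` back to the matching `SCAN_TYPE_*` constant and at least `logger.warning("Xygeni report scanType=%s does not match selected scan type %s", kind, test.test_type.name)`, or raise `ValueError` as the unsupported-kind branch already does. `get_findings` also has no docstring; one sentence stating that the upload is parsed with `json.load` (so non-JSON input raises `json.JSONDecodeError`, a `ValueError` subclass) and that `ValueError` is raised for a missing or unsupported `scanType` would make the error contract explicit to the import views.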
@@ -0,0 +1,79 @@
+"""Parse Xygeni SAST reports into DefectDojo Findings."""
+
+from dojo.models import Finding
+from dojo.tools.xygeni._common import map_severity, parse_cwe
+
+
+def parse_sast(data, test):
+ """Convert a Xygeni SAST JSON report into a list of Findings."""
+ return [_build_finding(vuln, test) for vuln in data.get("vulnerabilities") or []]
+
+
+def _build_finding(vuln, test):
+ location = vuln.get("location") or {}
+ file_path = location.get("filepath")
+ line = location.get("beginLine")
+ code = location.get("code")
+
+ description_parts = []
+ if vuln.get("explanation"):
+ description_parts.append(str(vuln["explanation"]))
+ if code:
+ description_parts.append(f"```\n{code}\n```")
+
+ code_flow_text = _render_code_flows(vuln.get("codeFlows") or [])
+ if code_flow_text:
+ description_parts.append(code_flow_text)
+
+ finding = Finding(
+ test=test,
+ title=str(vuln.get("detector") or "Xygeni SAST finding"),
+ description="\n\n".join(description_parts) if description_parts else "",
+ severity=map_severity(vuln.get("severity")),
+ file_path=file_path,
+ line=line,
+ cwe=parse_cwe(cwes=vuln.get("cwes"), cwe=vuln.get("cwe"), tags=vuln.get("tags")),
+ static_finding=True,
+ dynamic_finding=False,
+ unique_id_from_tool=vuln.get("uniqueHash"),
+ vuln_id_from_tool=vuln.get("issueId"),
+ )
+
+ _apply_code_flow_fields(finding, vuln.get("codeFlows") or [])
+ return finding
+
+
+def _render_code_flows(code_flows):
+ """Render Xygeni codeFlows[] into a human-readable markdown block for Finding.description."""
+ if not code_flows:
+ return ""
+
+ flow = code_flows[0]
+ lines = ["**Data flow**"]
+ for frame in flow.get("frames") or []:
+ kind = frame.get("kind") or "step"
+ loc = frame.get("location") or {}
+ filepath = loc.get("filepath", "?")
+ line = loc.get("beginLine", "?")
+ snippet = (loc.get("code") or "").strip()
+ lines.append(f"- **{kind}** {filepath}:{line} — `{snippet}`")
+ return "\n".join(lines) if len(lines) > 1 else ""
+
+
+def _apply_code_flow_fields(finding, code_flows):
+ """Populate Finding.sast_source_* / sast_sink_object from the first code flow's first source/sink."""
+ if not code_flows:
+ return
+ frames = code_flows[0].get("frames") or []
+ source = next((f for f in frames if f.get("kind") == "source"), None)
+ sink = next((f for f in frames if f.get("kind") == "sink"), None)
+
+ if source:
+ loc = source.get("location") or {}
+ finding.sast_source_file_path = loc.get("filepath")
+ finding.sast_source_line = loc.get("beginLine")
+ if source.get("injectionPoint"):
+ finding.sast_source_object = source["injectionPoint"]
+
+ if sink:
+ finding.sast_sink_object = sink.get("injectionPoint") or (sink.get("location") or {}).get("code")
diff --git a/dojo/tools/xygeni/sca.py b/dojo/tools/xygeni/sca.py
new file mode 100644
index 00000000000..3be1e5d2e52
--- /dev/null
+++ b/dojo/tools/xygeni/sca.py
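Review bot: `unique_id_from_tool=vuln.get("uniqueHash")` in `_build_finding` is not a per-finding identifier: the `sast_many_findings.json` fixture in this patch carries the same `uniqueHash` `VsqoC9U6q8EYG0QZ5UqxXw` on four separate findings in `introduction/templates/Lab/ssrf/ssrf_discussion.html` (lines 125, 130, 135 and 140, each with its own `issueId`), so the value looks like a hash of the matched code rather than of its location. If the dedup algorithm for these scan types is configured on `unique_id_from_tool` (that configuration is not part of this patch), those four collapse into one finding on import, while the documentation added here promises that `uniqueHash` prevents exactly that kind of loss; `sca.py` and `secrets.py` make the same choice. A safer default is `unique_id_from_tool=vuln.get("issueId") or vuln.get("uniqueHash")`, since `issueId` embeds detector, path and line (at the cost of a new id when the code moves lines); otherwise keep `uniqueHash` but state in the md that identical snippets within one file share it, so the dedup configuration must also hash `file_path`/`line`. A smaller point: a `location.code` or flow `snippet` containing backticks breaks the markdown fence or inline span the description is built from in `_build_finding` and `_render_code_flows`; a longer fence delimiter for the block form, or escaping backticks in the inline form, avoids a mangled description.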
@@ -0,0 +1,77 @@
+"""Parse Xygeni SCA (dependency-vulnerability) reports into DefectDojo Findings."""
+
+from dojo.models import Finding
+from dojo.tools.xygeni._common import map_severity, parse_cwe
+
+
+def parse_sca(data, test):
+ """
+ Convert a Xygeni SCA JSON report into a list of Findings.
+
+ The Xygeni SCA report stores findings nested inside ``dependencies[]`` —
+ each dependency may carry a ``vulnerabilities[]`` array of CVE/GHSA
+ advisories. This parser emits one Finding per nested vulnerability.
+ """
+ findings = []
+ for dep in data.get("dependencies") or []:
+ findings.extend(
+ _build_finding(dep, vuln, test) for vuln in dep.get("vulnerabilities") or []
+ )
+ return findings
+
+
+def _build_finding(dep, vuln, test):
+ component_name = dep.get("name")
+ component_version = dep.get("version")
+
+ title = str(vuln.get("cve") or vuln.get("id") or "Xygeni SCA finding")
+
+ fixed_version = vuln.get("fixedVersion")
+ mitigation = None
+ if fixed_version and component_name:
+ mitigation = f"Upgrade {component_name} to version {fixed_version} or later."
+ elif fixed_version:
+ mitigation = f"Upgrade to version {fixed_version} or later."
+
+ references = "\n".join(str(r) for r in (vuln.get("references") or []) if r) or None
+
+ cvss_score = vuln.get("overallCvssScore")
+ if cvss_score is None or cvss_score < 0:
+ cvss_score = None
+
+ finding = Finding(
+ test=test,
+ title=title,
+ description=str(vuln.get("description") or ""),
+ severity=map_severity(vuln.get("severity")),
+ cwe=parse_cwe(cwes=vuln.get("cwes")),
+ cvssv3_score=cvss_score,
+ mitigation=mitigation,
+ references=references,
+ component_name=component_name,
+ component_version=component_version,
+ static_finding=True,
+ dynamic_finding=False,
+ unique_id_from_tool=vuln.get("uniqueHash"),
+ vuln_id_from_tool=vuln.get("issueId"),
+ )
+
+ if vuln.get("cve"):
+ finding.cve = vuln["cve"]
+
+ finding.unsaved_vulnerability_ids = _collect_vulnerability_ids(vuln)
+ return finding
+
+
+def _collect_vulnerability_ids(vuln):
+ """Return a deduplicated list of CVE/GHSA-style aliases for a Xygeni SCA vulnerability."""
+ ids = []
+ seen = set()
+ for value in (vuln.get("cve"), *(vuln.get("aliases") or [])):
+ if not value:
+ continue
+ token = str(value)
+ if token not in seen:
+ seen.add(token)
+ ids.append(token)
+ return ids
diff --git a/dojo/tools/xygeni/secrets.py b/dojo/tools/xygeni/secrets.py
new file mode 100644
index 00000000000..ac5b6584b71
--- /dev/null
+++ b/dojo/tools/xygeni/secrets.py
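Review bot: `finding.cve = vuln["cve"]` in `_build_finding` is redundant with the `unsaved_vulnerability_ids` assignment two lines below, which `_collect_vulnerability_ids` already seeds with `cve` first; if `Finding.cve` is no longer a persisted model field on current DefectDojo (it was superseded by vulnerability ids; to be confirmed against `dojo.models`) the assignment is a throwaway instance attribute that misleads the next reader, and if it is a read-only property it raises, so dropping both lines loses nothing. Separately, `cvss_score < 0` assumes `overallCvssScore` is numeric, and a string value would abort the whole import with `TypeError`; guard with `isinstance(cvss_score, (int, float))` and otherwise set `None`. Storing the "overall" score into `cvssv3_score` also deserves a why-comment, since nothing on this page says which CVSS version Xygeni's value uses, e.g. `# NOTE(review): overallCvssScore does not state its CVSS version; stored as the v3 score — confirm with the vendor schema`.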
@@ -0,0 +1,49 @@
+"""
+Parse Xygeni Secrets reports into DefectDojo Findings.
+
+The Xygeni Secrets scanner already redacts the matched secret value in both
+``secret`` and ``location.code`` before serialising the report, so this
+parser surfaces those fields as-is.
+"""
+
+from pathlib import PurePosixPath
+
+from dojo.models import Finding
+from dojo.tools.xygeni._common import map_severity, parse_cwe
+
+DEFAULT_CWE = 798 # CWE-798: Use of Hard-coded Credentials
+
+
+def parse_secrets(data, test):
+ """Convert a Xygeni Secrets JSON report into a list of Findings."""
+ return [_build_finding(secret, test) for secret in data.get("secrets") or []]
+
+
+def _build_finding(secret, test):
+ location = secret.get("location") or {}
+ filepath = location.get("filepath") or ""
+ filename = PurePosixPath(filepath).name or filepath or "unknown file"
+ secret_type = secret.get("type") or secret.get("detector") or "secret"
+
+ description_parts = []
+ if secret.get("description"):
+ description_parts.append(str(secret["description"]))
+ if location.get("code"):
+ description_parts.append(f"```\n{location['code']}\n```")
+
+ cwe = parse_cwe(tags=secret.get("tags")) or DEFAULT_CWE
+
+ return Finding(
+ test=test,
+ title=f"{secret_type} secret detected in (unknown)",
+ description="\n\n".join(description_parts) if description_parts else "",
+ severity=map_severity(secret.get("severity")),
+ file_path=filepath or None,
+ line=location.get("beginLine"),
+ cwe=cwe,
+ mitigation=f"Rotate this {secret_type} secret immediately and remove it from version-control history.",
+ static_finding=True,
+ dynamic_finding=False,
+ unique_id_from_tool=secret.get("uniqueHash"),
+ vuln_id_from_tool=secret.get("issueId"),
+ )
diff --git a/unittests/scans/xygeni/sast_many_findings.json b/unittests/scans/xygeni/sast_many_findings.json
new file mode 100644
index 00000000000..56d90c49cf9
--- /dev/null
+++ b/unittests/scans/xygeni/sast_many_findings.json
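Review bot: `filename` is computed in `_build_finding` but never used, and the title hard-codes `(unknown)`, so every secrets finding is titled along the lines of `aws_access_key secret detected in (unknown)`; the intended line is presumably `title=f"{secret_type} secret detected in {filename}",`, which also gives the title-based hash-code dedup path something to tell apart same-type secrets in different files. A second point concerns trust: the module docstring states that `secret` and `location.code` arrive already redacted, and on that basis the parser embeds `location.code` verbatim into the description, so a report produced without that redaction (whether the CLI allows that is not shown here) would persist credential material in the finding. A cheap defence is to truncate `location.code` to a short prefix for secrets findings, or at least to make the assumption explicit in `_build_finding` with `# relies on Xygeni having redacted location.code; un-redacted reports would be stored verbatim`.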
@@ -0,0 +1,13248 @@ +{ + "metadata" : { + "uuid" : "6433bfb4-69f0-4627-837d-3261d9c8f74c", + "timestamp" : "2026-04-26T08:27:27.144291373Z", + "projectName" : "adeyosemanputra/pygoat", + "directory" : "/home/lrodriguez/work/sast/pygoat", + "baselineFile" : "/home/lrodriguez/work/sast/pygoat/.xygeni.sast.baseline.json", + "developerHashes" : [ ], + "sourceType" : "REPO", + "scanType" : "sast", + "scm" : { + "kind" : "github", + "url" : "https://github.com/adeyosemanputra/pygoat.git", + "fullName" : "adeyosemanputra/pygoat", + "branch" : "origin/master", + "defaultBranch" : "origin/master", + "visibility" : "public" + }, + "reportProperties" : { + "os.release" : "Ubuntu 24.04.4 LTS (Linux 6.17.0-20-generic amd64)", + "tool.url" : "https://docs.xygeni.io", + "tool.version" : "6.7.0", + "tool.name" : "Xygeni" + }, + "baseline" : false, + "diffMode" : false, + "incrementalMode" : false, + "format" : "sast-xygeni" + }, + "rules" : [ ], + "vulnerabilities" : [ { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/templates/index.html", + "beginLine" : 61, + "endLine" : 61, + "code" : "
", + "beginColumn" : 13, + "endColumn" : 52 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "N0JJTPOJPJBHZw0haLys5Q", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.dockerized_labs/insec_des_lab/templates/index.html.61", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/templates/index.html", + "beginLine" : 69, + "endLine" : 69, + "code" : "", + "beginColumn" : 13, + "endColumn" : 54 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "OYjyP1j80jL9kGe23KOx9Q", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.dockerized_labs/insec_des_lab/templates/index.html.69", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAccess/ba_lab.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "VBMAwBWgRRUitfXHgOGxnw", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab/BrokenAccess/ba_lab.html.14", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAccess/ba_lab.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 9, + "endColumn" : 45 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3XzM786VE5rK47eBkjaU4g", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/BrokenAccess/ba_lab.html.11", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/templates/index.html", + "beginLine" : 62, + "endLine" : 62, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "pWwd/Zr10WSFpRFgttr7TQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/insec_des_lab/templates/index.html.62", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAccess/ba_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "7xkDVcd38nKIoW/ovp6oEA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/BrokenAccess/ba_lab.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAccess/ba_lab.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "QjKJpAcUTHh+Cs9AVgbHjA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/BrokenAccess/ba_lab.html.14", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAccess/ba_lab.html", + "beginLine" : 41, + "endLine" : 41, + "code" : "onclick=\"window.location.href='/ba'\"", + "beginColumn" : 64, + "endColumn" : 99 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "n+5MICK/6iqCFF48+BL6gg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/BrokenAccess/ba_lab.html.41", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAuth/bau.html", + "beginLine" : 84, + "endLine" : 84, + "code" : "onclick=\"window.location.href='/bau_lab'\"", + "beginColumn" : 21, + "endColumn" : 61 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "fIXp2fQVrdfDukbXPoljYg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/BrokenAuth/bau.html.84", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top2.html", + "beginLine" : 36, + "endLine" : 36, + "code" : "onclick=\"window.location.href='/2021/A8/lab2'\"", + "beginColumn" : 64, + "endColumn" : 109 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "IhZfTaFT61KkMcuVGZgDIg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top2.html.36", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 125, + "endLine" : 125, + "code" : "", + "beginColumn" : 5, + "endColumn" : 43 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "VsqoC9U6q8EYG0QZ5UqxXw", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/ssrf/ssrf_discussion.html.125", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 130, + "endLine" : 130, + "code" : "", + "beginColumn" : 5, + "endColumn" : 43 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "VsqoC9U6q8EYG0QZ5UqxXw", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/ssrf/ssrf_discussion.html.130", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 135, + "endLine" : 135, + "code" : "", + "beginColumn" : 5, + "endColumn" : 43 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "VsqoC9U6q8EYG0QZ5UqxXw", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/ssrf/ssrf_discussion.html.135", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 140, + "endLine" : 140, + "code" : "", + "beginColumn" : 5, + "endColumn" : 43 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "VsqoC9U6q8EYG0QZ5UqxXw", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/ssrf/ssrf_discussion.html.140", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAuth/bau_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "avMwkjroviouymMXefAsMQ", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab/BrokenAuth/bau_lab.html.13", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAuth/bau_lab.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "V1gjLyVlXOnXjUyDqyq0ug", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/BrokenAuth/bau_lab.html.12", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAuth/bau_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "fZSsFwY6/odXWcnOWuizBA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/BrokenAuth/bau_lab.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/templates/result.html", + "beginLine" : 22, + "endLine" : 22, + "code" : "onclick=\"window.location.href='/'\"", + "beginColumn" : 50, + "endColumn" : 83 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "zwkfUGoBnEnBQRN9eYVJuQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.dockerized_labs/insec_des_lab/templates/result.html.22", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAuth/bau_lab.html", + "beginLine" : 31, + "endLine" : 31, + "code" : "onclick=\"window.location.href='/bau'\"", + "beginColumn" : 64, + "endColumn" : 100 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "OIocv10vcXd2a6HLFwEAaw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/BrokenAuth/bau_lab.html.31", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 37, + "endLine" : 37, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "HUz8TKZDOrV0Mb+3yUaufg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.37", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 38, + "endLine" : 38, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "APmhzqE5B6C3YBRmg0MOsg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.38", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 39, + "endLine" : 39, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "UU/sB7uFAfgly5il30NqEg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.39", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 40, + "endLine" : 40, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "1cmyEbepA/GKEvnilnHF7w", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.40", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 41, + "endLine" : 41, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "YteTuTJ/48oA1Q0X/4P+9Q", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.41", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 42, + "endLine" : 42, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "OqIwtJ8VDanCcBFWxviwOw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.42", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 43, + "endLine" : 43, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "c3Vyplg8gODuC88pWkpB7Q", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.43", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 44, + "endLine" : 44, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ntkv1X9H1lIxI6rj5UnRWw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.44", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 45, + "endLine" : 45, + "code" : "", + "beginColumn" : 44, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "D1dwOxMEyevxhJNkP+Cs3g", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.45", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 46, + "endLine" : 46, + "code" : "", + "beginColumn" : 44, + "endColumn" : 77 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "iJtc5oS4qHnB2TvnUZ2WeQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.46", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 47, + "endLine" : 47, + "code" : "", + "beginColumn" : 44, + "endColumn" : 77 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "GJ4QvJMmkqHorO3AwGO2Ng", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.47", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 48, + "endLine" : 48, + "code" : "", + "beginColumn" : 44, + "endColumn" : 77 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "jQzWRJRiAAE63OGFj7AOTQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.48", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top21.html", + "beginLine" : 33, + "endLine" : 33, + "code" : "onclick=\"window.location.href='/ssrf_lab'\"", + "beginColumn" : 68, + "endColumn" : 109 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "87zNeNHwX5euy4F6CrRVNw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top21.html.33", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 49, + "endLine" : 49, + "code" : "", + "beginColumn" : 44, + "endColumn" : 77 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "MZ73R7zW7xTNMxX3KnaotA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.49", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 50, + "endLine" : 50, + "code" : "", + "beginColumn" : 44, + "endColumn" : 77 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "E/qkFQZ6nKz3ED6dHsADPg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.50", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top21.html", + "beginLine" : 50, + "endLine" : 50, + "code" : "onclick=\"window.location.href='/ssrf_lab2'\"", + "beginColumn" : 68, + "endColumn" : 110 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "PPOyLz0jpJvovnSD04Bq6w", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top21.html.50", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 51, + "endLine" : 51, + "code" : "", + "beginColumn" : 44, + "endColumn" : 77 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "GFzVYDOIXzQnHZiwMC1Yxw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.51", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 52, + "endLine" : 52, + "code" : "", + "beginColumn" : 44, + "endColumn" : 77 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "TuMyCGxDmS8FniyvhaQ05w", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.52", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "python.code_injection_deserialization", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/main.py", + "beginLine" : 36, + "endLine" : 36, + "code" : "pickle.loads(decoded_data)", + "beginColumn" : 16, + "endColumn" : 41 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/main.py", + "beginLine" : 33, + "endLine" : 33, + "code" : "serialized_data = request.form.get('serialized_data', '')", + "beginColumn" : 9, + "endColumn" : 23 + }, + "container" : "def deserialize_data()", + "injectionPoint" : "serialized_data", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/main.py", + "beginLine" : 36, + "endLine" : 36, + "code" : "pickle.loads(decoded_data)", + "beginColumn" : 23, + "endColumn" : 27 + }, + "container" : "def deserialize_data()", + "category" : "code_injection_deserialization" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/main.py", + 
"beginLine" : 33, + "endLine" : 33, + "code" : "serialized_data = request.form.get('serialized_data', '')", + "beginColumn" : 9, + "endColumn" : 23 + }, + "variableName" : "serialized_data" + }, { + "kind" : "assign", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/main.py", + "beginLine" : 34, + "endLine" : 34, + "code" : "base64.b64decode(serialized_data)", + "beginColumn" : 41, + "endColumn" : 55 + }, + "variableName" : "serialized_data" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/main.py", + "beginLine" : 36, + "endLine" : 36, + "code" : "pickle.loads(decoded_data)", + "beginColumn" : 29, + "endColumn" : 40 + }, + "variableName" : "decoded_data" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-502" ], + "tags" : [ "CWE:502", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.1", "python3" ], + "uniqueHash" : "nsXRi+PTLom/sG8m6weOXw", + "cwe" : 502, + "issueId" : "SAS.injection.python.code_injection_deserialization.dockerized_labs/insec_des_lab/main.py.36", + "explanation" : "Improper deserialization of untrusted data" + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 71, + "endLine" : 71, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "dEqojA8/0oEU/ksPWNJEqg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.71", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 72, + "endLine" : 72, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "+ezAQSZ2OaZD2etBMCx6gw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.72", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 73, + "endLine" : 73, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "TirARVXAoOrtLnkKkid64g", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.73", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 74, + "endLine" : 74, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ekCLL7ZxirQvkhHMYJMtwQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.74", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 75, + "endLine" : 75, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "SuLGuXfkHYFcTmtmzF4stQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.75", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 76, + "endLine" : 76, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "+8Da5oJIxZEMrtp8TYt9yw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.76", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 77, + "endLine" : 77, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "gvyzHHKfu74I9lE0wfL+Fw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.77", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 78, + "endLine" : 78, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "t77pOvWshqcsr2tye+QRrg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.78", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 79, + "endLine" : 79, + "code" : "", + "beginColumn" : 44, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "jSlFvG0OFw92olmR/dEa9g", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.79", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 80, + "endLine" : 80, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "O9CsRq9qz340N6wCPS8IWQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.80", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 81, + "endLine" : 81, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "684hh4RngqdMW9P2Nd3/qg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.81", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 82, + "endLine" : 82, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "YNY+YsbdjScQpKESVN5XqQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.82", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 83, + "endLine" : 83, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "LTFr3mDIe0ZoV/C/Emtxvg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.83", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 84, + "endLine" : 84, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "gcYiTLMbHf8uzMcWq2vwOw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.84", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 85, + "endLine" : 85, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "iBvj/s5h366qGJqDAUU5Ow", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.85", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 86, + "endLine" : 86, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "D+cRLiaDUd6a1zffIMeMsg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.86", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 87, + "endLine" : 87, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "mX4LupPE9r1UVvClMVgTkQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.87", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 88, + "endLine" : 88, + "code" : "", + "beginColumn" : 44, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "aVStFiQrDmVZ2lFtJ36tLw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.88", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 127, + "endLine" : 127, + "code" : "", + "beginColumn" : 9, + "endColumn" : 84 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "+woi2i9T4iaKiD7Z3PjYeQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.127", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 132, + "endLine" : 132, + "code" : "", + "beginColumn" : 9, + "endColumn" : 84 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "O62JCVjUd78gTHfhpZbjSw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.132", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 137, + "endLine" : 137, + "code" : "", + "beginColumn" : 9, + "endColumn" : 84 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "wiC0qAsuO1JniDzIe4gVeA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.137", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 142, + "endLine" : 142, + "code" : "", + "beginColumn" : 9, + "endColumn" : 84 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "K40kYA172Sz4XK4K7wnsBQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_discussion.html.142", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 9, + "endLine" : 9, + "code" : "onclick=frame1to2()", + "beginColumn" : 56, + "endColumn" : 74 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "O9CuUYOT3kFsE3ABhC8pQw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf_discussion.html.9", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 34, + "endLine" : 34, + "code" : "onclick=frame2to3()", + "beginColumn" : 114, + "endColumn" : 132 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "M3sjcURgTdYgibi92zPzqg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf_discussion.html.34", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 68, + "endLine" : 68, + "code" : "onclick=frame3to4()", + "beginColumn" : 114, + "endColumn" : 132 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "pxpXP5m1LPPAfy4HiY3fgA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf_discussion.html.68", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.missing_clickjacking_protection", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/base.html", + "beginLine" : 3, + "endLine" : 3, + "code" : "", + "beginColumn" : 1, + "endColumn" : 6 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-1021" ], + "tags" : [ "CWE:1021", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "gqRwd/JfJkVkheChW2W8vw", + "cwe" : 1021, + "issueId" : "SAS.access_control.html.missing_clickjacking_protection.dockerized_labs/broken_auth_lab/templates/base.html.3", + "explanation" : "Prevents your site from being embedded in a malicious invisible iframe." + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAuth/otp.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "", + "beginColumn" : 5, + "endColumn" : 38 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "/gh2vu8iz4PIsPMhR9UylQ", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/BrokenAuth/otp.html.18", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAuth/otp.html", + "beginLine" : 10, + "endLine" : 10, + "code" : "", + "beginColumn" : 13, + "endColumn" : 75 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "q7h5VPhGAaV41mVPGP01eg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/BrokenAuth/otp.html.10", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 148, + "endLine" : 148, + "code" : "onclick=checkcode()", + "beginColumn" : 42, + "endColumn" : 60 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "W3yIq12TC/fjDiHGGAzqJQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf_discussion.html.148", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_discussion.html", + "beginLine" : 155, + "endLine" : 155, + "code" : "onclick=\"window.location.href='/ssrf'\"", + "beginColumn" : 108, + "endColumn" : 145 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "uc4jX5n9g/ez1/UF7Zjelw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf_discussion.html.155", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/base.html", + "beginLine" : 10, + "endLine" : 10, + "code" : "onclick=\"toggleTheme()\"", + "beginColumn" : 34, + "endColumn" : 56 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "K/wGtdGvi7yTmz2HHIIJSQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.dockerized_labs/broken_auth_lab/templates/base.html.10", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.unsafe_content_security_policy", + "kind" : "access_control", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/base.html", + "beginLine" : 3, + "endLine" : 3, + "code" : "", + "beginColumn" : 1, + "endColumn" : 6 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-1021" ], + "tags" : [ "CWE:1021", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "hd4HnRuwW/89JSRTIsHnHA", + "cwe" : 1021, + "issueId" : "SAS.access_control.html.unsafe_content_security_policy.dockerized_labs/broken_auth_lab/templates/base.html.3", + "explanation" : "CSP is a defense-in-depth mechanism that reduces XSS exploitability. Implement a strict CSP. Start with default-src 'self' and avoid 'unsafe-inline'." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top25.html", + "beginLine" : 35, + "endLine" : 35, + "code" : "onclick=\"window.location.href='/mitre/25/lab'\"", + "beginColumn" : 50, + "endColumn" : 95 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "y3xavg4IP8yNPaVCwX1LJg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top25.html.35", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "python.django_unsafe_session_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "pygoat/settings.py", + "beginLine" : 1, + "endLine" : 172, + "code" : "\"\"\" \nDjango settings for pygoat project.\n\nGenerated by 'django-admin startproject' using Django 3.0.6.\n\nFor more information on this file, see\nhttps://docs.djangoproject.com/en/3.0/topics/settings/\n\nFor the full list of settings and their values, see\nhttps://docs.djangoproject.com/en/3.0/ref/settings/\n\"\"\"\n\nimport os\n\nimport django_heroku\n\n# Build p", + "beginColumn" : 1, + "endColumn" : 94 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1275" ], + "properties" : { + "unique.hash.prop" : "samesite" + }, + "tags" : [ "CWE:1275", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "nu+K4homta1FQe79QByB7Q", + "cwe" : 1275, + "issueId" : "SAS.misconfiguration.python.django_unsafe_session_configuration.samesite.pygoat/settings.py.1", + "explanation" : "Session cookie samesite attribute is not properly configured, application may be vulnerable to CSRF attacks: 'Lax'" + }, { + "detector" : "python.django_unsafe_session_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "pygoat/settings.py", + "beginLine" : 1, + "endLine" : 172, + "code" : "\"\"\" \nDjango settings for pygoat project.\n\nGenerated by 'django-admin startproject' using Django 3.0.6.\n\nFor more information on this file, see\nhttps://docs.djangoproject.com/en/3.0/topics/settings/\n\nFor the full list of settings and their values, see\nhttps://docs.djangoproject.com/en/3.0/ref/settings/\n\"\"\"\n\nimport os\n\nimport django_heroku\n\n# Build p", + "beginColumn" : 1, + "endColumn" : 94 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", 
"django", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "RKSHSm2VRfuDvL3z/fwxGA", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.django_unsafe_session_configuration.httponly.pygoat/settings.py.1", + "explanation" : "Session cookie HttpOnly flag not enforced" + }, { + "detector" : "python.django_unsafe_session_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "pygoat/settings.py", + "beginLine" : 1, + "endLine" : 172, + "code" : "\"\"\" \nDjango settings for pygoat project.\n\nGenerated by 'django-admin startproject' using Django 3.0.6.\n\nFor more information on this file, see\nhttps://docs.djangoproject.com/en/3.0/topics/settings/\n\nFor the full list of settings and their values, see\nhttps://docs.djangoproject.com/en/3.0/ref/settings/\n\"\"\"\n\nimport os\n\nimport django_heroku\n\n# Build p", + "beginColumn" : 1, + "endColumn" : 94 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "SghyAktSdLkgt6QyAdxb6A", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.django_unsafe_session_configuration.secure.pygoat/settings.py.1", + "explanation" : "Session cookie Secure flag not enforced" + }, { + "detector" : "python.django_unsafe_session_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "pygoat/settings.py", + "beginLine" : 1, + "endLine" : 172, + "code" : "\"\"\" \nDjango settings for pygoat project.\n\nGenerated by 'django-admin startproject' using Django 3.0.6.\n\nFor more information on this file, see\nhttps://docs.djangoproject.com/en/3.0/topics/settings/\n\nFor the full list of settings and their values, see\nhttps://docs.djangoproject.com/en/3.0/ref/settings/\n\"\"\"\n\nimport os\n\nimport django_heroku\n\n# 
Build p", + "beginColumn" : 1, + "endColumn" : 94 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "PgnZDzLB3HOUV4fjRg85tA", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.django_unsafe_session_configuration.path.pygoat/settings.py.1", + "explanation" : "Session cookie path is not allowed: '/'" + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top3.html", + "beginLine" : 79, + "endLine" : 79, + "code" : "onclick=\"window.location.href='/sql_lab'\"", + "beginColumn" : 21, + "endColumn" : 61 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "zwdjLqjnRICUxx9kLH8Qug", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top3.html.79", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/CMD/cmd_lab.html", + "beginLine" : 9, + "endLine" : 9, + "code" : "", + "beginColumn" : 9, + "endColumn" : 46 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "RGhQ1I85FrD852r1t76+1Q", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/CMD/cmd_lab.html.9", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/dashboard.html", + "beginLine" : 52, + "endLine" : 52, + "code" : "onclick=\"logout()\"", + "beginColumn" : 35, + "endColumn" : 52 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "XSukoukDDZyMQkM3izqsfg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.dockerized_labs/broken_auth_lab/templates/dashboard.html.52", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/CMD/cmd_lab.html", + "beginLine" : 10, + "endLine" : 10, + "code" : "", + "beginColumn" : 13, + "endColumn" : 77 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Xt3lsNkbZsRt/HUE4mbC6Q", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/CMD/cmd_lab.html.10", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/CMD/cmd_lab.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 13, + "endColumn" : 67 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "K9SHYtppKX7pzA1PBWne7Q", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/CMD/cmd_lab.html.11", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/CMD/cmd_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 67 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "zPQfxQisVggTAxaHWpYMeQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/CMD/cmd_lab.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/CMD/cmd_lab.html", + "beginLine" : 30, + "endLine" : 30, + "code" : "onclick=\"window.location.href='/cmd'\"", + "beginColumn" : 64, + "endColumn" : 100 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "472WXgmdhfTSipQDD+pu7w", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/CMD/cmd_lab.html.30", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_lab.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 13, + "endColumn" : 88 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "cn6PJb/oaVP0ZKLnXl5mbg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_lab.html.15", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_lab.html", + "beginLine" : 20, + "endLine" : 20, + "code" : "", + "beginColumn" : 13, + "endColumn" : 88 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "qwpEUKbEJm4jYmh8/jNuDg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_lab.html.20", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_lab.html", + "beginLine" : 25, + "endLine" : 25, + "code" : "", + "beginColumn" : 13, + "endColumn" : 88 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Bv0F0kfI+ml/S1Z7t/OHHg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_lab.html.25", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_lab.html", + "beginLine" : 30, + "endLine" : 30, + "code" : "", + "beginColumn" : 13, + "endColumn" : 88 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "HTMTxqwamu/7lhVO+sti5A", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_lab.html.30", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/CMD/cmd_lab2.html", + "beginLine" : 9, + "endLine" : 9, + "code" : "", + "beginColumn" : 9, + "endColumn" : 47 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3Wl6nb7Cedqy9j1kE0F55A", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/CMD/cmd_lab2.html.9", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_lab.html", + "beginLine" : 69, + "endLine" : 69, + "code" : "onclick=\"window.location.href='/ssrf'\"", + "beginColumn" : 104, + "endColumn" : 141 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "7hSHHlerl742Lk5forcoHA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf_lab.html.69", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/CMD/cmd_lab2.html", + "beginLine" : 10, + "endLine" : 10, + "code" : "", + "beginColumn" : 13, + "endColumn" : 64 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "v/am9bY+VC/mv6rBIYfHAg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/CMD/cmd_lab2.html.10", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/CMD/cmd_lab2.html", + "beginLine" : 26, + "endLine" : 26, + "code" : "onclick=\"window.location.href='/cmd'\"", + "beginColumn" : 64, + "endColumn" : 100 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "4sWGa0RSRpkonK2mf7CS3A", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/CMD/cmd_lab2.html.26", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top4.html", + "beginLine" : 72, + "endLine" : 72, + "code" : "onclick=\"window.location.href='/ssti/lab'\"", + "beginColumn" : 15, + "endColumn" : 56 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "b2inP0UwAdjhlN8PyP6w3A", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top4.html.72", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/DataExp/data_exp.html", + "beginLine" : 30, + "endLine" : 30, + "code" : "onclick=\"window.location.href='/data_exp_lab'\"", + "beginColumn" : 11, + "endColumn" : 56 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "RrT6Xw8u8Qdz8UvCfNmNlw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/DataExp/data_exp.html.30", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top4.html", + "beginLine" : 81, + "endLine" : 81, + "code" : "onclick=\"window.location.href='/a10_lab_2'\"", + "beginColumn" : 15, + "endColumn" : 57 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "rjiz62P7Nf5kHOw6kV7lVg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top4.html.81", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top4.html", + "beginLine" : 88, + "endLine" : 88, + "code" : "onclick=\"window.location.href='/injection_sql_lab'\"", + "beginColumn" : 25, + "endColumn" : 75 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "qbzcO1m1c2GEankwCXkrWw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top4.html.88", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_lab2.html", + "beginLine" : 17, + "endLine" : 17, + "code" : "", + "beginColumn" : 13, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "XjLcI6x86UQ7FZ07zlRiYA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/ssrf/ssrf_lab2.html.17", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_lab2.html", + "beginLine" : 49, + "endLine" : 49, + "code" : "onclick=\"window.location.href='/ssrf'\"", + "beginColumn" : 104, + "endColumn" : 141 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "yxe/nMxCVlkB7RJiVt52sA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf_lab2.html.49", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/XXE/xxe_lab.html", + "beginLine" : 17, + "endLine" : 17, + "code" : "", + "beginColumn" : 9, + "endColumn" : 55 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "aiRjY4yr7EZb8NWQgTXqaA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/XXE/xxe_lab.html.17", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/XXE/xxe_lab.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "", + "beginColumn" : 9, + "endColumn" : 73 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "DzFUnNXYqzEdWYse/9UjcA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/XXE/xxe_lab.html.18", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XXE/xxe_lab.html", + "beginLine" : 24, + "endLine" : 24, + "code" : "onclick=\"window.location.href='/xxe_see'\"", + "beginColumn" : 48, + "endColumn" : 88 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "A5X8ggHzXWLXgXyglmnstA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XXE/xxe_lab.html.24", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XXE/xxe_lab.html", + "beginLine" : 32, + "endLine" : 32, + "code" : "onclick=\"window.location.href='/xxe'\"", + "beginColumn" : 64, + "endColumn" : 100 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "OwMQqNgwr9ew3yWcQByX0g", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XXE/xxe_lab.html.32", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/DataExp/data_exp_lab.html", + "beginLine" : 16, + "endLine" : 16, + "code" : "onclick=\"window.location.href='/data_exp'\"", + "beginColumn" : 64, + "endColumn" : 105 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "s5Sc7N5pg3xh7+Rbj4g2fQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/DataExp/data_exp_lab.html.16", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/index.html", + "beginLine" : 40, + "endLine" : 40, + "code" : "onclick=\"showLabDetails()\"", + "beginColumn" : 39, + "endColumn" : 64 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "dKkHbGy8BMYICCCh+y6kiA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.dockerized_labs/broken_auth_lab/templates/index.html.40", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/index.html", + "beginLine" : 41, + "endLine" : 41, + "code" : "onclick=\"window.location.href='/lab'\"", + "beginColumn" : 39, + "endColumn" : 75 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ufgtgTBMtJZ1xRNGF3SsVg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.dockerized_labs/broken_auth_lab/templates/index.html.41", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "python.django_unsafe_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "pygoat/settings.py", + "beginLine" : 25, + "endLine" : 25, + "code" : "SECRET_KEY = 'lr***********...'", + "beginColumn" : 1, + "endColumn" : 65 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-798" ], + "tags" : [ "CWE-693", "CWE:798", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "OWASP:2021:A5", "OWASP:2021:A7", "PCI-DSS:3.6.1", "PCI-DSS:6.5.6" ], + "uniqueHash" : "1GWP3ZMhCkHyo89weFgPew", + "cwe" : 798, + "issueId" : "SAS.misconfiguration.python.django_unsafe_configuration.pygoat/settings.py.25", + "explanation" : "Hardcoded secret key may expose the application to security risks if the key is leaked" + }, { + "detector" : "python.django_unsafe_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "pygoat/settings.py", + "beginLine" : 30, + "endLine" : 30, + "code" : "DEBUG = True", + "beginColumn" : 1, + "endColumn" : 12 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ 
"CWE-489" ], + "tags" : [ "CWE-693", "CWE:489", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "OWASP:2021:A5", "OWASP:2021:A7", "PCI-DSS:3.6.1", "PCI-DSS:6.5.6" ], + "uniqueHash" : "E0rg38RTLBIZNNYrnvox+A", + "cwe" : 489, + "issueId" : "SAS.misconfiguration.python.django_unsafe_configuration.pygoat/settings.py.30", + "explanation" : "Leftover debug level may lead to sensitive information exposure" + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A6/index.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "onclick=event1()", + "beginColumn" : 161, + "endColumn" : 176 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "NaRdW9bGbaXS7Sv9Vo/liw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A6/index.html.13", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/insec_des/insec_des.html", + "beginLine" : 35, + "endLine" : 35, + "code" : "onclick=\"window.location.href='/insec_des_lab'\"", + "beginColumn" : 52, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "aHO4bG9evAVjnuvNBxLByA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/insec_des/insec_des.html.35", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 17, + "endColumn" : 87 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Qq7lxfJoZeSTTFO6P1XLKw", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.dockerized_labs/broken_auth_lab/templates/lab.html.15", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 32, + "endLine" : 32, + "code" : "", + "beginColumn" : 17, + "endColumn" : 87 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Qq7lxfJoZeSTTFO6P1XLKw", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.dockerized_labs/broken_auth_lab/templates/lab.html.32", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 33, + "endLine" : 33, + "code" : "", + "beginColumn" : 17, + "endColumn" : 103 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ON9BG6SssJ8ISKvTQF6SCg", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.dockerized_labs/broken_auth_lab/templates/lab.html.33", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "python.server_insecure_transport", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/main.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "app.run(host='0.0.0.0', port=8080)", + "beginColumn" : 5, + "endColumn" : 38 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-319" ], + "properties" : { + "unique.hash.prop" : "flask" + }, + "tags" : [ "CWE:319", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4" ], + "uniqueHash" : "Mi1E4dE8pmHAQIOEuvPLdQ", + "cwe" : 319, + "issueId" : "SAS.information_leak.python.server_insecure_transport.flask.dockerized_labs/insec_des_lab/main.py.51", + "explanation" : "Provide a proper SSL Context so Flask can serve with HTTPS protocol" + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/SQL/sql.html", + "beginLine" : 77, + "endLine" : 77, + "code" : "onclick=\"window.location.href='/sql_lab'\"", + "beginColumn" : 21, + "endColumn" : 61 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "XmLuIQENSZypt2k4LsPAKg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/SQL/sql.html.77", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 48 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "DVc88yufZM8+Z7nAWF+e6A", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.dockerized_labs/broken_auth_lab/templates/lab.html.13", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 29, + "endLine" : 29, + "code" : "", + "beginColumn" : 13, + "endColumn" : 51 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "jGLc3+V96eAfeDz9DyWrkA", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.dockerized_labs/broken_auth_lab/templates/lab.html.29", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 40, + "endLine" : 40, + "code" : "", + "beginColumn" : 13, + "endColumn" : 57 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "6wVBqxm6toDTnyy5nIX4yw", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.dockerized_labs/broken_auth_lab/templates/lab.html.40", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A6/index.html", + "beginLine" : 27, + "endLine" : 27, + "code" : "onclick=event5()", + "beginColumn" : 167, + "endColumn" : 182 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "cr+5D6a5+acbhnYX75yg+w", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A6/index.html.27", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A6/index.html", + "beginLine" : 30, + "endLine" : 30, + "code" : "onclick=event6()", + "beginColumn" : 166, + "endColumn" : 181 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ExjtfxsfXyoX7YOMhjcPVA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A6/index.html.30", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 17, + "endColumn" : 83 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "1Xhbp40Znhwevp+mmXprSw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/lab.html.14", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 17, + "endColumn" : 87 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "10M8WF6Eq28iKfiXkgBSPA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/lab.html.15", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 17, + "endLine" : 17, + "code" : "", + "beginColumn" : 21, + "endColumn" : 79 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "0M9JpYWPs4NDAK594Pf7Tg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/lab.html.17", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 30, + "endLine" : 30, + "code" : "", + "beginColumn" : 17, + "endColumn" : 83 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "1Xhbp40Znhwevp+mmXprSw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/lab.html.30", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 31, + "endLine" : 31, + "code" : "", + "beginColumn" : 17, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "9/Jdtbjq2CXo34+jb84emg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/lab.html.31", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 32, + "endLine" : 32, + "code" : "", + "beginColumn" : 17, + "endColumn" : 87 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "10M8WF6Eq28iKfiXkgBSPA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/lab.html.32", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 33, + "endLine" : 33, + "code" : "", + "beginColumn" : 17, + "endColumn" : 103 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "+C5ERp2Sb/KrK/gM9M99qA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/lab.html.33", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 41, + "endLine" : 41, + "code" : "", + "beginColumn" : 17, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "9/Jdtbjq2CXo34+jb84emg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/lab.html.41", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/lab.html", + "beginLine" : 23, + "endLine" : 23, + "code" : "onclick=\"showResetForm()\"", + "beginColumn" : 29, + "endColumn" : 53 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "peA8eY/tZHh27ZcWPmyeSQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.dockerized_labs/broken_auth_lab/templates/lab.html.23", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/insec_des/insec_des_lab.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "onclick=\"window.location.href='/insec_des'\"", + "beginColumn" : 64, + "endColumn" : 106 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "tRmwR/LrAK5Y6XHEZFkxeA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/insec_des/insec_des_lab.html.14", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/SQL/sql_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "sjxMGPs8F4L7QSdJN/0Nrg", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab/SQL/sql_lab.html.13", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A7/index.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "onclick=event1()", + "beginColumn" : 165, + "endColumn" : 180 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "8x+IpigBBDs9Gy9Yaw6kyg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A7/index.html.13", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A7/index.html", + "beginLine" : 50, + "endLine" : 50, + "code" : "onclick=event4()", + "beginColumn" : 169, + "endColumn" : 184 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "35vGr7tnYt0kfToFisqDOA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A7/index.html.50", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top8.html", + "beginLine" : 38, + "endLine" : 38, + "code" : "onclick=\"window.location.href='/ssrf_lab'\"", + "beginColumn" : 15, + "endColumn" : 56 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "nbZw8iso09DngawsiMnRnQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top8.html.38", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/SQL/sql_lab.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "vKWi3or5a+Qa0N2AL/TR/w", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/SQL/sql_lab.html.12", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A7/index.html", + "beginLine" : 57, + "endLine" : 57, + "code" : "onclick=\"window.location.href='/auth_failure'\"", + "beginColumn" : 104, + "endColumn" : 149 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "mS39VnvtrljhRnko2hWVaw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A7/index.html.57", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/SQL/sql_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Jgtu0Tw1mKnoDri6rLbnsQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/SQL/sql_lab.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/SQL/sql_lab.html", + "beginLine" : 43, + "endLine" : 43, + "code" : "onclick=\"window.location.href='/sql'\"", + "beginColumn" : 64, + "endColumn" : 100 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "/YVCO6ww2KRODjeuwU1xDA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/SQL/sql_lab.html.43", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top9.html", + "beginLine" : 40, + "endLine" : 40, + "code" : "onclick=\"window.location.href='/mitre/9/lab/login'\"", + "beginColumn" : 50, + "endColumn" : 100 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "M3Xamx4wkUufJdaZhOtATQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top9.html.40", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A9/index.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "onclick=event1()", + "beginColumn" : 165, + "endColumn" : 180 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Ip8hvHX4c0xOK5LPQZ1FWw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A9/index.html.11", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A9/index.html", + "beginLine" : 28, + "endLine" : 28, + "code" : "onclick=event2()", + "beginColumn" : 201, + "endColumn" : 216 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "iCSCZKj8qqyoDtPLLMzq1A", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A9/index.html.28", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/playground/A9/index.html", + "beginLine" : 90, + "endLine" : 90, + "code" : "onclick=event3()", + "beginColumn" : 169, + "endColumn" : 184 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "VB8j8xPMAk+L0Ww34Jj0tQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/playground/A9/index.html.90", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/sec_mis/sec_mis.html", + "beginLine" : 35, + "endLine" : 35, + "code" : "onclick=\"window.location.href='/sec_mis_lab'\"", + "beginColumn" : 52, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "x8yFBG4RT9z9XKFS/oIPKg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/sec_mis/sec_mis.html.35", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/sec_mis/sec_mis.html", + "beginLine" : 47, + "endLine" : 47, + "code" : "onclick=\"window.location.href='/data_exp_lab'\"", + "beginColumn" : 52, + "endColumn" : 97 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "9WTIMl4uILWP4dXF5vt6BA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/sec_mis/sec_mis.html.47", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/sec_mis/sec_mis.html", + "beginLine" : 60, + "endLine" : 60, + "code" : "onclick=\"window.location.href='/sec_mis_lab3'\"", + "beginColumn" : 52, + "endColumn" : 97 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "WMUChAVnZz3C5uFJRZCdSQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/sec_mis/sec_mis.html.60", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/reset.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 17, + "endColumn" : 95 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "bYy/uwxlJ0j/WHmlnBtBng", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.dockerized_labs/broken_auth_lab/templates/reset.html.14", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/reset.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 17, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "WWU6r8Z2z6n5ARzYTmYGzw", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.dockerized_labs/broken_auth_lab/templates/reset.html.15", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/reset.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 68 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "fof2UqsRvuRHmrAMUJgFjw", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.dockerized_labs/broken_auth_lab/templates/reset.html.13", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/reset.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 17, + "endColumn" : 95 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "awQdXVoEwIQ2i4Cu6vcinQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/reset.html.14", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/reset.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 17, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "lkyyPh+u7L9+d+8fC6KrJg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/reset.html.15", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/templates/reset.html", + "beginLine" : 16, + "endLine" : 16, + "code" : "", + "beginColumn" : 17, + "endColumn" : 70 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "GHVGlJTwf25HvvTUVSW2Iw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.dockerized_labs/broken_auth_lab/templates/reset.html.16", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss.html", + "beginLine" : 80, + "endLine" : 80, + "code" : "onclick=\"window.location.href='/xssL'\"", + "beginColumn" : 76, + "endColumn" : 113 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "T7Wtsih/SUN0QnOHbmnLUA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XSS/xss.html.80", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss.html", + "beginLine" : 100, + "endLine" : 100, + "code" : "onclick=\"window.location.href='/xssL2'\"", + "beginColumn" : 76, + "endColumn" : 114 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "AfmzXkjnb0TXGyQ2TYRnbw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XSS/xss.html.100", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss.html", + "beginLine" : 119, + "endLine" : 119, + "code" : "onclick=\"window.location.href='/xssL3'\"", + "beginColumn" : 76, + "endColumn" : 114 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "O3tqxlMYBcqBtnEEZrXsww", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XSS/xss.html.119", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/sec_mis/sec_mis_lab.html", + "beginLine" : 10, + "endLine" : 10, + "code" : "onclick=\"window.location.href ='/secret'\"", + "beginColumn" : 51, + "endColumn" : 91 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "QAtCR5d5Y7sSKpGWSD5amA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/sec_mis/sec_mis_lab.html.10", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/sec_mis/sec_mis_lab.html", + "beginLine" : 27, + "endLine" : 27, + "code" : "onclick=\"window.location.href='/sec_mis'\"", + "beginColumn" : 64, + "endColumn" : 104 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "BhcBrF7Whtnc/X/ZibOA3g", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/sec_mis/sec_mis_lab.html.27", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss_lab.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 75 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "P0EFVpS4U3HpQmKSTi9pIg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/XSS/xss_lab.html.14", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss_lab.html", + "beginLine" : 36, + "endLine" : 36, + "code" : "onclick=\"window.location.href='/xss'\"", + "beginColumn" : 64, + "endColumn" : 100 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "x5M7X5YRPFwBdJree/G3uQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XSS/xss_lab.html.36", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/sec_mis/sec_mis_lab3.html", + "beginLine" : 48, + "endLine" : 48, + "code" : "onclick=\"window.location.href='/sec_mis'\"", + "beginColumn" : 118, + "endColumn" : 158 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "LkIi+QOK1HPGybgTYzVIPw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/sec_mis/sec_mis_lab3.html.48", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss_lab_2.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 9, + "endColumn" : 87 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "rffDDo95dBcGsjMn7oQNDg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/XSS/xss_lab_2.html.12", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss_lab_2.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 9, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "n+0s9/2lnoRW45Xt5RzEdA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/XSS/xss_lab_2.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss_lab_2.html", + "beginLine" : 50, + "endLine" : 50, + "code" : "onclick=\"window.location.href='/xss'\"", + "beginColumn" : 46, + "endColumn" : 82 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "tTlccfqyTwuyhG2+ZtRAUA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XSS/xss_lab_2.html.50", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss_lab_3.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 9, + "endColumn" : 87 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "E5NJCufqFZExSGQ3HYuCRA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/XSS/xss_lab_3.html.12", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XSS/xss_lab_3.html", + "beginLine" : 26, + "endLine" : 26, + "code" : "onclick=\"window.location.href='/xss'\"", + "beginColumn" : 46, + "endColumn" : 82 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "lVwhYSUouLMgndGAawt8bA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XSS/xss_lab_3.html.26", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf.html", + "beginLine" : 21, + "endLine" : 21, + "code" : "onclick=\"window.location.href='/ssrf_lab'\"", + "beginColumn" : 72, + "endColumn" : 113 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "xWD18Hs3IESo9xt+uUm7Kw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf.html.21", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf.html", + "beginLine" : 38, + "endLine" : 38, + "code" : "onclick=\"window.location.href='/ssrf_lab2'\"", + "beginColumn" : 72, + "endColumn" : 114 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "+J1e6uKUqAp7nBHfvYoyNw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf.html.38", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf.html", + "beginLine" : 61, + "endLine" : 61, + "code" : "onclick=\"window.location.href='/ssrf_discussion'\"", + "beginColumn" : 59, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "dXaHh3dRu9ne7XPFxKgVtg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/ssrf/ssrf.html.61", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/XXE/xxe.html", + "beginLine" : 80, + "endLine" : 80, + "code" : "onclick=\"window.location.href='/xxe_lab'\"", + "beginColumn" : 21, + "endColumn" : 61 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "4HDkOWODQS/+aTAyH20VCw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/XXE/xxe.html.80", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/playground/A9/api.py", + "beginLine" : 17, + "endLine" : 17, + "code" : "username == \"admin\" and password == \"admin\"", + "beginColumn" : 12, + "endColumn" : 54 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/playground/A9/api.py", + "beginLine" : 15, + "endLine" : 15, + "code" : "password = request.POST['password']", + "beginColumn" : 9, + "endColumn" : 16 + }, + "container" : "django.http.JsonResponse def log_function_target(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/playground/A9/api.py", + "beginLine" : 17, + "endLine" : 17, + "code" : "username == \"admin\" and password == \"admin\"", + "beginColumn" : 36, + "endColumn" : 54 + }, + "container" : "django.http.JsonResponse def log_function_target(request)", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + 
"location" : { + "filepath" : "introduction/playground/A9/api.py", + "beginLine" : 15, + "endLine" : 15, + "code" : "password = request.POST['password']", + "beginColumn" : 9, + "endColumn" : 16 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/playground/A9/api.py", + "beginLine" : 17, + "endLine" : 17, + "code" : "username == \"admin\" and password == \"admin\"", + "beginColumn" : 36, + "endColumn" : 43 + }, + "variableName" : "password" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "3OZnF19kp9f/LyWwrKb5nA", + "cwe" : 208, + "issueId" : "SAS.information_leak.python.observable_timing_discrepancy.introduction/playground/A9/api.py.17", + "explanation" : "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by monitoring the timing of these comparisons" + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9.html", + "beginLine" : 46, + "endLine" : 46, + "code" : "onclick=\"window.location.href='/a9_lab'\"", + "beginColumn" : 21, + "endColumn" : 60 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "eQBca8SgvR7pcMewsmsp4g", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A9/a9.html.46", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9.html", + "beginLine" : 66, + "endLine" : 66, + "code" : "onclick=\"window.location.href='/a9_lab2'\"", + "beginColumn" : 21, + "endColumn" : 61 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "2KF5SE9dM5x11jZzWlaCyQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A9/a9.html.66", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab.html", + "beginLine" : 10, + "endLine" : 10, + "code" : "", + "beginColumn" : 5, + "endColumn" : 71 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3L/Ld1Xy1TPbRJ0COw+frA", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/A9/a9_lab.html.10", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 9, + "endColumn" : 39 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "lGM8uM5Q7bvdkwaWYlyHpg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A9/a9_lab.html.11", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab.html", + "beginLine" : 26, + "endLine" : 26, + "code" : "onclick=\"window.location.href='/get_version'\"", + "beginColumn" : 34, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "0gS22kDVxMmAR5DpxQzcdw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A9/a9_lab.html.26", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab.html", + "beginLine" : 32, + "endLine" : 32, + "code" : "onclick=\"window.location.href='/a9'\"", + "beginColumn" : 64, + "endColumn" : 99 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Ix1XGHsdnu4y8eZbf6j/4Q", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A9/a9_lab.html.32", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/base.html", + "beginLine" : 5, + "endLine" : 5, + "code" : "", + "beginColumn" : 5, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "AI85l73m1BOPpd8YVmxPDw", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/base.html.5", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/base.html", + "beginLine" : 60, + "endLine" : 60, + "code" : "", + "beginColumn" : 5, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ 
"CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "MCVVqzFLeNc8X+IKiE2MoQ", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/base.html.60", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/base.html", + "beginLine" : 61, + "endLine" : 61, + "code" : "", + "beginColumn" : 5, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "0RYmbIT49A/2eObPoKiesA", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/base.html.61", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/base.html", + "beginLine" : 62, + "endLine" : 62, + "code" : "", + "beginColumn" : 5, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "PK4MvJNcwEOASYcvlzaSlg", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/base.html.62", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + 
"detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/playground/A9/api.py", + "beginLine" : 7, + "endLine" : 33, + "code" : "@csrf_exempt\ndef log_function_target(request):\n L = Log(request)\n if request.method == \"GET\":\n L.info(\"GET request\")\n return JsonResponse({\"message\":\"normal get request\", \"method\":\"get\"},status = 200)\n if request.method == \"POST\":\n username = request.POST['username']\n password = request.POST['password']\n ", + "beginColumn" : 1, + "endColumn" : 71 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "a8FSmy537Nm6XMoGdUkK4Q", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/playground/A9/api.py.7", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab2.html", + "beginLine" : 21, + "endLine" : 21, + "code" : "", + "beginColumn" : 5, + "endColumn" : 154 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "EVtpAwhsdTa5sCOwztxvwA", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab/A9/a9_lab2.html.21", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top14.html", + "beginLine" : 74, + "endLine" : 74, + "code" : "onclick=\"window.location.href='/bau_lab'\"", + "beginColumn" : 21, + "endColumn" : 61 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Ftax0cRhjvbaiZg79wF8Ag", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top14.html.74", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top14.html", + "beginLine" : 88, + "endLine" : 88, + "code" : "onclick=\"window.location.href='/auth_failure/lab2/admin12983gfugef81e8yeryepanel'\"", + "beginColumn" : 17, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "aZNzvv5Jq5IZlQV3jRGzzA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top14.html.88", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top14.html", + "beginLine" : 103, + "endLine" : 103, + "code" : "onclick=\"window.location.href='auth_failure/lab3'\"", + "beginColumn" : 17, + "endColumn" : 66 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "w+rVUh33hMiwDQEmu+Thzg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top14.html.103", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab2.html", + "beginLine" : 22, + "endLine" : 22, + "code" : "", + "beginColumn" : 9, + "endColumn" : 54 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "rtlkPfjWZa5Vg5SEnYMWTQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A9/a9_lab2.html.22", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab2.html", + "beginLine" : 23, + "endLine" : 23, + "code" : "", + "beginColumn" : 9, + "endColumn" : 84 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "WmzW6ciKl2rWTiwM8rN1Ug", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A9/a9_lab2.html.23", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab2.html", + "beginLine" : 81, + "endLine" : 81, + "code" : "onclick=\"window.location.href='/a9'\"", + "beginColumn" : 108, + "endColumn" : 143 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "gRMEh/otYpTSJ2CTQrXGpQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A9/a9_lab2.html.81", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.javascript_protocol_urls", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab2.html", + "beginLine" : 29, + "endLine" : 29, + "code" : "", + "beginColumn" : 9, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-83" ], + "tags" : [ "CWE:83", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.7" ], + "uniqueHash" : "JXApLEwEmfuL25Ou+grzYg", + "cwe" : 83, + "issueId" : "SAS.injection.html.javascript_protocol_urls.introduction/templates/Lab/A9/a9_lab2.html.29", + "explanation" : "Use of the javascript URI scheme (including encoded variants) in HTML\nattributes can lead to arbitrary JavaScript execution and cross-site\nscripting (XSS) attacks.\n" + }, { + "detector" : "html.javascript_protocol_urls", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/A9/a9_lab2.html", + "beginLine" : 30, + "endLine" : 30, + "code" : "", + "beginColumn" : 9, + "endColumn" : 74 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-83" ], + "tags" : [ "CWE:83", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.7" ], + "uniqueHash" : "c/ksoELU+EmW5dMG51E6oA", + "cwe" : 83, + "issueId" : "SAS.injection.html.javascript_protocol_urls.introduction/templates/Lab/A9/a9_lab2.html.30", + "explanation" : "Use of the javascript URI scheme (including encoded variants) in HTML\nattributes can lead to arbitrary JavaScript execution and cross-site\nscripting (XSS) attacks.\n" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/index.html", + "beginLine" : 5, + "endLine" : 5, + "code" : "", + "beginColumn" : 5, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : 
[ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "RupU0j70Fi2n6AvnctKrtg", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/index.html.5", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/index.html", + "beginLine" : 132, + "endLine" : 132, + "code" : "", + "beginColumn" : 5, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "0htj8ssONbIMmispI2ki3w", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/index.html.132", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/index.html", + "beginLine" : 133, + "endLine" : 133, + "code" : "", + "beginColumn" : 5, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "UHeiMGGHdt2GnnK73zktaA", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/index.html.133", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + 
}, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/index.html", + "beginLine" : 134, + "endLine" : 134, + "code" : "", + "beginColumn" : 5, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "F5I5JGuS0qKJCN+eMsm71Q", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/index.html.134", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_top17.html", + "beginLine" : 29, + "endLine" : 29, + "code" : "onclick=\"window.location.href='/mitre/17/lab '\"", + "beginColumn" : 72, + "endColumn" : 118 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "zZ/fOWplwXYBCSFyeB20yw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_top17.html.29", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_home.html", + "beginLine" : 41, + "endLine" : 41, + "code" : "onclick=\"window.location.href='/auth_lab'\"", + "beginColumn" : 15, + "endColumn" : 56 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "+gk/B9iS4+4COBggfmjR2A", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/AUTH/auth_home.html.41", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab.html", + "beginLine" : 10, + "endLine" : 10, + "code" : "onclick=\"location.href = '/auth_lab/signup'\"", + "beginColumn" : 62, + "endColumn" : 105 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "M5u59oSaoEvGoNHkpJN4NQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/AUTH/auth_lab.html.10", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "onclick=\"location.href = '/auth_lab/login'\"", + "beginColumn" : 62, + "endColumn" : 104 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "faO46WFeeG9D/J5wHA+w1g", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/AUTH/auth_lab.html.12", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "python.insecure_parser", + "kind" : "misconfiguration", + "severity" : "low", + "location" : { + "filepath" : "introduction/lab_code/test.py", + "beginLine" : 23, + "endLine" : 23, + "code" : "yaml.load(stream)", + "beginColumn" : 8, + "endColumn" : 24 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-502" ], + "tags" : [ "CWE:502", "in-repo", "OWASP:2021:A5", "OWASP:2021:A8", "PCI-DSS:6.5.1", "pyyaml" ], + "uniqueHash" : "NeCNCbaWSx0595IzmVepTQ", + "cwe" : 502, + "issueId" : "SAS.misconfiguration.python.insecure_parser.introduction/lab_code/test.py.23", + "explanation" : "This parser is deemed insecure because its use may result in code deserialization injection vulnerabilities" + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_login.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 13, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", 
"in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ReUurdkNNCS9BrdQp6EZJA", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab/AUTH/auth_lab_login.html.12", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_login.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 13, + "endColumn" : 91 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "s0QljUX7HejB3SaYQbVmng", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/AUTH/auth_lab_login.html.11", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_login.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 13, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Xk+7lO1JFGWRO/6TGNS6OQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/AUTH/auth_lab_login.html.12", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_login.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "onclick=\"window.location.href='/auth_lab'\"", + "beginColumn" : 17, + "endColumn" : 58 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "rmgkL8LH+nSf187FXDT3xw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/AUTH/auth_lab_login.html.18", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_signup.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3Fl8SKwbrOjXrWLWqBBSsA", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab/AUTH/auth_lab_signup.html.13", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_signup.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 13, + "endColumn" : 82 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Urxw3DUYr4RnuA16JAGVXw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/AUTH/auth_lab_signup.html.11", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_signup.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 13, + "endColumn" : 91 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "JboEsqXotxAzLkIc6/x8tA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/AUTH/auth_lab_signup.html.12", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_signup.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 90 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "0F/9mrr8myIo9AmsRaRhgg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/AUTH/auth_lab_signup.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_lab_signup.html", + "beginLine" : 19, + "endLine" : 19, + "code" : "onclick=\"window.location.href='/auth_lab'\"", + "beginColumn" : 17, + "endColumn" : 58 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "joGhF5Jp1BQC5WC6LGG5RQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/AUTH/auth_lab_signup.html.19", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/introduction/base.html", + "beginLine" : 657, + "endLine" : 657, + "code" : "onclick=\"swapStyleSheet()\"", + "beginColumn" : 105, + "endColumn" : 130 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "VGWfB/lrUPzt4v7PSLGiMQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/introduction/base.html.657", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/lesson.html", + "beginLine" : 5, + "endLine" : 5, + "code" : "", + "beginColumn" : 5, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Qj4TH6k4C5TmK6WGvUTmPw", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/lesson.html.5", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/lesson.html", + "beginLine" : 337, + "endLine" : 337, + "code" : "", + "beginColumn" : 5, + "endColumn" : 93 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "FJGv7M/umxwOIqEEQ1yd4w", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/lesson.html.337", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/lesson.html", + "beginLine" : 338, + "endLine" : 338, + "code" : "", + "beginColumn" : 5, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", 
"in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "71sYQ6BdOr0z8cApswqr6w", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/lesson.html.338", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/lesson.html", + "beginLine" : 339, + "endLine" : 339, + "code" : "", + "beginColumn" : 5, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "8bnZHE12bxeiiEgUu/Mg0Q", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/lesson.html.339", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/lesson.html", + "beginLine" : 340, + "endLine" : 340, + "code" : "", + "beginColumn" : 5, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "8KTVoAKIl8WjPB1328R+aw", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/lesson.html.340", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + 
"detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/AUTH/auth_success.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "onclick=\"window.location.href='/auth_lab/logout'\"", + "beginColumn" : 17, + "endColumn" : 65 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "wcOHN7ntc0FXWpqmyfpn4A", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/AUTH/auth_success.html.18", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.missing_tabnabbing_protection", + "kind" : "access_control", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/lesson.html", + "beginLine" : 320, + "endLine" : 320, + "code" : "", + "beginColumn" : 29, + "endColumn" : 202 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-1021" ], + "tags" : [ "CWE:1021", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "hAvubbfdKXA11CA9/ZeWFA", + "cwe" : 1021, + "issueId" : "SAS.access_control.html.missing_tabnabbing_protection.dockerized_labs/sensitive_data_exposure/templates/lesson.html.320", + "explanation" : "target=\"_blank\" allows a new page to access the window.opener object, enabling phishing redirects." 
+ }, { + "detector" : "html.missing_tabnabbing_protection", + "kind" : "access_control", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/lesson.html", + "beginLine" : 323, + "endLine" : 323, + "code" : "", + "beginColumn" : 29, + "endColumn" : 213 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-1021" ], + "tags" : [ "CWE:1021", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "8PJKRoioB4htAI28bPFsbg", + "cwe" : 1021, + "issueId" : "SAS.access_control.html.missing_tabnabbing_protection.dockerized_labs/sensitive_data_exposure/templates/lesson.html.323", + "explanation" : "target=\"_blank\" allows a new page to access the window.opener object, enabling phishing redirects." + }, { + "detector" : "html.missing_tabnabbing_protection", + "kind" : "access_control", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/lesson.html", + "beginLine" : 326, + "endLine" : 326, + "code" : "", + "beginColumn" : 29, + "endColumn" : 200 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-1021" ], + "tags" : [ "CWE:1021", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "nbXbCIR2cuHRDFo+tVOyFg", + "cwe" : 1021, + "issueId" : "SAS.access_control.html.missing_tabnabbing_protection.dockerized_labs/sensitive_data_exposure/templates/lesson.html.326", + "explanation" : "target=\"_blank\" allows a new page to access the window.opener object, enabling phishing redirects." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/BrokenAccess/ba.html", + "beginLine" : 44, + "endLine" : 44, + "code" : "onclick=\"window.location.href='/ba_lab'\"", + "beginColumn" : 21, + "endColumn" : 60 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Y2891bKZn7ush0VI2bsENA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/BrokenAccess/ba.html.44", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/mitre/csrf_dashboard.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 13, + "endColumn" : 84 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Z72YfviBbFbNQBIvXUqFKQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/mitre/csrf_dashboard.html.15", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/mitre/csrf_dashboard.html", + "beginLine" : 16, + "endLine" : 16, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "AH63GF22t9QGemkKkpV1Wg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/mitre/csrf_dashboard.html.16", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/desc.html", + "beginLine" : 37, + "endLine" : 37, + "code" : "onclick=\"window.location.href='/insec_des_lab'\"", + "beginColumn" : 52, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "NjeUkvXE0MvS9mo4qWLHTQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/desc.html.37", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/desc.html", + "beginLine" : 49, + "endLine" : 49, + "code" : "onclick=\"window.location.href='/2021/A8/lab2'\"", + "beginColumn" : 52, + "endColumn" : 97 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "9pwYLsc/4319iUw4Bb4BZg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/desc.html.49", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/csrf_dashboard.html", + "beginLine" : 17, + "endLine" : 17, + "code" : "onclick=\"handleSubmit()\"", + "beginColumn" : 66, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "wrtKjGGS22KM+E91S1eNAg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/csrf_dashboard.html.17", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/playground/A9/archive.py", + "beginLine" : 17, + "endLine" : 17, + "code" : "username == \"admin\" and password == \"admin\"", + "beginColumn" : 12, + "endColumn" : 54 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/playground/A9/archive.py", + "beginLine" : 15, + "endLine" : 15, + "code" : "password = request.POST['password']", + "beginColumn" : 9, + "endColumn" : 16 + }, + "container" : "django.http.JsonResponse def log_function_target(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/playground/A9/archive.py", + "beginLine" : 17, + "endLine" : 17, + "code" : "username == \"admin\" and password == \"admin\"", + "beginColumn" : 36, + "endColumn" : 54 + }, + "container" : "django.http.JsonResponse def log_function_target(request)", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/playground/A9/archive.py", + "beginLine" : 15, + "endLine" : 15, + "code" : "password = request.POST['password']", + "beginColumn" : 9, + "endColumn" : 16 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/playground/A9/archive.py", + "beginLine" : 17, + "endLine" : 17, + "code" : "username == \"admin\" and password == \"admin\"", + "beginColumn" : 36, + "endColumn" : 43 + }, + "variableName" : "password" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "zKS9AjCs6/4L2sw5p7crGg", + "cwe" : 208, + "issueId" : 
"SAS.information_leak.python.observable_timing_discrepancy.introduction/playground/A9/archive.py.17", + "explanation" : "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by monitoring the timing of these comparisons" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/login.html", + "beginLine" : 5, + "endLine" : 5, + "code" : "", + "beginColumn" : 5, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "f/gYI26BKEabJKXEMvHwAQ", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/login.html.5", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/login.html", + "beginLine" : 82, + "endLine" : 82, + "code" : "", + "beginColumn" : 5, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "2B7rD9wfm/juI/LMP/i7qQ", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/login.html.82", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + 
"filepath" : "dockerized_labs/sensitive_data_exposure/templates/login.html", + "beginLine" : 83, + "endLine" : 83, + "code" : "", + "beginColumn" : 5, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "gGbaSrqlvYwZ6DGIBJcv6g", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/login.html.83", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/login.html", + "beginLine" : 84, + "endLine" : 84, + "code" : "", + "beginColumn" : 5, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Haao5zn1NReRxIiy5N9UGg", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/login.html.84", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/mitre/csrf_lab_login.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : 
"CBKAbJ1xGyFQb4ScL/4Hqg", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/mitre/csrf_lab_login.html.13", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/mitre/csrf_lab_login.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 17, + "endColumn" : 86 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "4f/JO4tWvcNFJLHTPwd16w", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/mitre/csrf_lab_login.html.12", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/mitre/csrf_lab_login.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "e2Dr9xjHOcJAJRPbTp3B3g", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/mitre/csrf_lab_login.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/lab2.html", + "beginLine" : 17, + "endLine" : 17, + "code" : "", + "beginColumn" : 17, + "endColumn" : 86 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Km914MTS1ELCw+LbuvhHRw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/lab2.html.17", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/lab2.html", + "beginLine" : 29, + "endLine" : 29, + "code" : "onclick=\"window.location.href='/2021/A8'\"", + "beginColumn" : 104, + "endColumn" : 144 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3XQaEbsONFhqhrbs4/+qvQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/lab2.html.29", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_lab_17.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "2ENQrvVh8QAQE764J7ideQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/mitre/mitre_lab_17.html.11", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_lab_17.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "onclick=\"apicall()\"", + "beginColumn" : 65, + "endColumn" : 83 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "51d0Rz+9ND3nZU1KcxhHRA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_lab_17.html.12", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_lab_17.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "onclick=\"window.location.href='/mitre/17'\"", + "beginColumn" : 108, + "endColumn" : 149 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ibF1BDDDPKvY9r4b90ukcw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_lab_17.html.18", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_lab_25.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 17, + "endColumn" : 85 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "8LdP0MZtdngXA+pIXEWefg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/mitre/mitre_lab_25.html.11", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_lab_25.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "onclick=\"calculate()\"", + "beginColumn" : 69, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "mLkKSZea+R8rB6rDK5xIDQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_lab_25.html.12", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/mitre/mitre_lab_25.html", + "beginLine" : 17, + "endLine" : 17, + "code" : "onclick=\"window.location.href='/mitre/25'\"", + "beginColumn" : 108, + "endColumn" : 149 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "5oV+I3bl3vzzyW+iODoRNQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/mitre/mitre_lab_25.html.17", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10.html", + "beginLine" : 36, + "endLine" : 36, + "code" : "onclick=\"window.location.href='/a10_lab'\"", + "beginColumn" : 70, + "endColumn" : 110 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "pnQMrHAf90hHgVz1yelJ8w", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A10/a10.html.36", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10.html", + "beginLine" : 47, + "endLine" : 47, + "code" : "onclick=\"window.location.href='/a10_lab_2'\"", + "beginColumn" : 70, + "endColumn" : 112 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "06vtvX9aJiZbQPA/HGJifw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A10/a10.html.47", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10.html", + "beginLine" : 65, + "endLine" : 65, + "code" : "onclick=\"window.location.href='/2021/discussion/A9'\"", + "beginColumn" : 55, + "endColumn" : 106 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "rU5lxBVNJC6CZ9GAWU8aaw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A10/a10.html.65", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/profile.html", + "beginLine" : 5, + "endLine" : 5, + "code" : "", + "beginColumn" : 5, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "eDrsiAXX/R9IQCVk/rXsKg", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/profile.html.5", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/profile.html", + "beginLine" : 211, + "endLine" : 211, + "code" : "", + "beginColumn" : 5, + "endColumn" : 93 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ 
"CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "axPGI+x/WODPclHMgLmZ4Q", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/profile.html.211", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/profile.html", + "beginLine" : 212, + "endLine" : 212, + "code" : "", + "beginColumn" : 5, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "n5YQm0bFB0rXhEubkFnhTQ", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/profile.html.212", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/profile.html", + "beginLine" : 213, + "endLine" : 213, + "code" : "", + "beginColumn" : 5, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "GP1r2YMSldeRpfKa0r82Jw", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/profile.html.213", + "explanation" : "Remote resource without integrity checks can lead to 
the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/profile.html", + "beginLine" : 214, + "endLine" : 214, + "code" : "", + "beginColumn" : 5, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "88RkPbMkd3CLlaCVSYxaog", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/profile.html.214", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_tabnabbing_protection", + "kind" : "access_control", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/profile.html", + "beginLine" : 141, + "endLine" : 141, + "code" : "", + "beginColumn" : 37, + "endColumn" : 122 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-1021" ], + "tags" : [ "CWE:1021", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "JTarJRXEttsD7VZy+N9/3g", + "cwe" : 1021, + "issueId" : "SAS.access_control.html.missing_tabnabbing_protection.dockerized_labs/sensitive_data_exposure/templates/profile.html.141", + "explanation" : "target=\"_blank\" allows a new page to access the window.opener object, enabling phishing redirects." 
+ }, { + "detector" : "html.missing_tabnabbing_protection", + "kind" : "access_control", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/profile.html", + "beginLine" : 200, + "endLine" : 200, + "code" : "", + "beginColumn" : 25, + "endColumn" : 194 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-1021" ], + "tags" : [ "CWE:1021", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "2/DeWuxkOcOeC/Q6p9/T6Q", + "cwe" : 1021, + "issueId" : "SAS.access_control.html.missing_tabnabbing_protection.dockerized_labs/sensitive_data_exposure/templates/profile.html.200", + "explanation" : "target=\"_blank\" allows a new page to access the window.opener object, enabling phishing redirects." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10_lab.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "yEWFmtuE9AoF04W2QIMKJg", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab/A10/a10_lab.html.15", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10_lab.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "tMBQRkT9gkv4xBUhTX4TrA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A10/a10_lab.html.14", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10_lab.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "fn9WDjqZ2EwyWcAgVoyyRg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A10/a10_lab.html.15", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10_lab.html", + "beginLine" : 39, + "endLine" : 39, + "code" : "onclick=\"window.location.href='/a10'\"", + "beginColumn" : 64, + "endColumn" : 100 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Z/9peZdB3iSwgS8MOx3CPg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A10/a10_lab.html.39", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "challenge/templates/challenge.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "onclick=\"handleonclick()\"", + "beginColumn" : 63, + "endColumn" : 87 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "+Jwg4QQV/iuVOEfH4fTfaA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.challenge/templates/challenge.html.12", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "challenge/templates/challenge.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "onclick=\"handleRedirect()\"", + "beginColumn" : 63, + "endColumn" : 88 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "emKdrzZfV7OdBysifM2IUg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.challenge/templates/challenge.html.13", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10_lab2.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "suH1R6s3XnvN4zr8VmMgkw", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab/A10/a10_lab2.html.15", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10_lab2.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "i1wu/Dvnhytxah5e4WbFkQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A10/a10_lab2.html.14", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10_lab2.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "8K9wBaXxMRP+14OfGFCSvQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A10/a10_lab2.html.15", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A10/a10_lab2.html", + "beginLine" : 75, + "endLine" : 75, + "code" : "onclick=\"window.location.href='/a10'\"", + "beginColumn" : 104, + "endColumn" : 140 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "pPBP2ZEUEoWMHqoNo/3hFg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A10/a10_lab2.html.75", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/register.html", + "beginLine" : 5, + "endLine" : 5, + "code" : "", + "beginColumn" : 5, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "BmflEqXh7UxI9pkuCSSzrA", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/register.html.5", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/register.html", + "beginLine" : 93, + "endLine" : 93, + "code" : "", + "beginColumn" : 5, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ 
"CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "1JZc3EdKnCMT18WrHE18DA", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/register.html.93", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/register.html", + "beginLine" : 94, + "endLine" : 94, + "code" : "", + "beginColumn" : 5, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "qPS63Nq88HdESOvLpBjaWQ", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/register.html.94", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/register.html", + "beginLine" : 95, + "endLine" : 95, + "code" : "", + "beginColumn" : 5, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "NfVmMwUXA3a/FJv64gY1vg", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/register.html.95", + "explanation" : "Remote resource without integrity checks can lead to 
the execution of arbitrary code" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/playground/A9/archive.py", + "beginLine" : 7, + "endLine" : 37, + "code" : "@csrf_exempt\ndef log_function_target(request):\n L = Log(request)\n if request.method == \"GET\":\n L.info(\"GET request\")\n return JsonResponse({\"message\":\"normal get request\", \"method\":\"get\"},status = 200)\n if request.method == \"POST\":\n username = request.POST['username']\n password = request.POST['password']\n ", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "AuVCmT4YH6y+Qv72t6EO1A", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/playground/A9/archive.py.7", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "", + "beginColumn" : 13, + "endColumn" : 85 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Buc9vfzEsmbg9Ss8kXehuw", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html.18", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html", + "beginLine" : 17, + "endLine" : 17, + "code" : "", + "beginColumn" : 13, + "endColumn" : 82 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "gs3dzx82+vpc08TG/Vi4+g", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html.17", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "", + "beginColumn" : 13, + "endColumn" : 85 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Fs7iRccuCEHzCFLiPaz3Ug", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html.18", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html", + "beginLine" : 32, + "endLine" : 32, + "code" : "onclick=\"window.location.href='/cryptographic_failure'\"", + "beginColumn" : 48, + "endColumn" : 102 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "5Rzsv1cQp3xN2RmjSx0Z5g", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab2.html.32", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A11/a11.html", + "beginLine" : 35, + "endLine" : 35, + "code" : "onclick=\"window.location.href='/insecure-design_lab'\"", + "beginColumn" : 72, + "endColumn" : 124 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3pk1QTTm5HZ+9ObLhaDMqQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A11/a11.html.35", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html", + "beginLine" : 21, + "endLine" : 21, + "code" : "", + "beginColumn" : 13, + "endColumn" : 85 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "FUhbcZZYxL1Vs9iTUIIqYA", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html.21", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html", + "beginLine" : 20, + "endLine" : 20, + "code" : "", + "beginColumn" : 13, + "endColumn" : 82 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ZYXzLcJvd3t4MfaYuNkVeQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html.20", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html", + "beginLine" : 21, + "endLine" : 21, + "code" : "", + "beginColumn" : 13, + "endColumn" : 85 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3QoRJAywSu3dRBYzKw/ErA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html.21", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A11/a11_lab.html", + "beginLine" : 31, + "endLine" : 31, + "code" : "", + "beginColumn" : 21, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3ZT5LQndZMaigz3fw3S9PA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A11/a11_lab.html.31", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab/A11/a11_lab.html", + "beginLine" : 42, + "endLine" : 42, + "code" : "", + "beginColumn" : 21, + "endColumn" : 85 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "MiLY7AYobRUnBv1uYlJWIw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab/A11/a11_lab.html.42", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/A11/a11_lab.html", + "beginLine" : 50, + "endLine" : 50, + "code" : "onclick=\"window.location.href='/insecure-design'\"", + "beginColumn" : 64, + "endColumn" : 112 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "F/COa1ApoyD/wBSkff+zgA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab/A11/a11_lab.html.50", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html", + "beginLine" : 41, + "endLine" : 41, + "code" : "onclick=\"window.location.href='/cryptographic_failure'\"", + "beginColumn" : 48, + "endColumn" : 102 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "hgpOibF+a54VTVAXHOzc+Q", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab3.html.41", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/templates/base.html", + "beginLine" : 8, + "endLine" : 8, + "code" : "onclick=\"toggleTheme()\"", + "beginColumn" : 36, + "endColumn" : 58 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "wSorpDTvnCArPW5tBXipGA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.dockerized_labs/insec_des_lab/templates/base.html.8", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A3_Injection/injection.html", + "beginLine" : 86, + "endLine" : 86, + "code" : "onclick=\"window.location.href='/injection_sql_lab'\"", + "beginColumn" : 25, + "endColumn" : 75 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "BL0ox7R1YSY7tFEw8GrHFw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A3_Injection/injection.html.86", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A3_Injection/sql_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "4lrsUnBvGlto6BMnyjvGGQ", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A3_Injection/sql_lab.html.13", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A3_Injection/sql_lab.html", + "beginLine" : 12, + "endLine" : 12, + "code" : "", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "rc7QsK50A5j/8Rfc310pJw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A3_Injection/sql_lab.html.12", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A3_Injection/sql_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "xnmZ0YG95bgUnbsi/h71Hw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A3_Injection/sql_lab.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A3_Injection/sql_lab.html", + "beginLine" : 43, + "endLine" : 43, + "code" : "onclick=\"window.location.href='/injection'\"", + "beginColumn" : 64, + "endColumn" : 106 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "zx3tmf0DQLWWEPbLQaQH2A", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A3_Injection/sql_lab.html.43", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A3_Injection/ssti.html", + "beginLine" : 34, + "endLine" : 34, + "code" : "onclick=\"window.location.href='/ssti/lab'\"", + "beginColumn" : 21, + "endColumn" : 62 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Ny7+eBqpsrWThshfWZezSw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A3_Injection/ssti.html.34", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A3_Injection/ssti_lab.html", + "beginLine" : 64, + "endLine" : 64, + "code" : "onclick=\"window.location.href='/ssti'\"", + "beginColumn" : 104, + "endColumn" : 141 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "uXdaptTOS8F7df2biSQEWg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A3_Injection/ssti_lab.html.64", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/a7.html", + "beginLine" : 89, + "endLine" : 89, + "code" : "onclick=\"window.location.href='/bau_lab'\"", + "beginColumn" : 21, + "endColumn" : 61 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "xbNhGR1BpiUIhwiCs55i8A", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A7_auth_failure/a7.html.89", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/a7.html", + "beginLine" : 103, + "endLine" : 103, + "code" : "onclick=\"window.location.href='/auth_failure/lab2/admin12983gfugef81e8yeryepanel'\"", + "beginColumn" : 17, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "s9/oQo4r7wYcYMl6HQFs3w", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A7_auth_failure/a7.html.103", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/a7.html", + "beginLine" : 118, + "endLine" : 118, + "code" : "onclick=\"window.location.href='auth_failure/lab3'\"", + "beginColumn" : 17, + "endColumn" : 66 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3Fb+LJRY8cA1Wo38wSIV/w", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A7_auth_failure/a7.html.118", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/a7.html", + "beginLine" : 137, + "endLine" : 137, + "code" : "onclick=\"window.location.href='/2021/discussion/A7'\"", + "beginColumn" : 59, + "endColumn" : 110 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "QAe/qdoBioRwwizI0Sbr0w", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A7_auth_failure/a7.html.137", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/lab2.html", + "beginLine" : 16, + "endLine" : 16, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "vktGQCdpnpEVziBzqQygfw", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A7_auth_failure/lab2.html.16", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/lab2.html", + "beginLine" : 15, + "endLine" : 15, + "code" : "", + "beginColumn" : 17, + "endColumn" : 86 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "eaBndNbvpbprdVYe5C2ttA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A7_auth_failure/lab2.html.15", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/lab2.html", + "beginLine" : 16, + "endLine" : 16, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3L0mXLEqabNrHfGb/jpCDw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A7_auth_failure/lab2.html.16", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/lab2.html", + "beginLine" : 79, + "endLine" : 79, + "code" : "onclick=\"window.location.href='/auth_failure'\"", + "beginColumn" : 104, + "endColumn" : 149 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "mP4LohLxiMVq0Fhym2L+BQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A7_auth_failure/lab2.html.79", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/lab3.html", + "beginLine" : 22, + "endLine" : 22, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "wSDyASNMNMUlMW5Enrp2nQ", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A7_auth_failure/lab3.html.22", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/lab3.html", + "beginLine" : 21, + "endLine" : 21, + "code" : "", + "beginColumn" : 17, + "endColumn" : 86 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "pI74aYI8XUfraHT7bxoL9w", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A7_auth_failure/lab3.html.21", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/lab3.html", + "beginLine" : 22, + "endLine" : 22, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "rptiHQRuo+4x85ZdgRt37g", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A7_auth_failure/lab3.html.22", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A7_auth_failure/lab3.html", + "beginLine" : 76, + "endLine" : 76, + "code" : "onclick=\"window.location.href='/auth_failure'\"", + "beginColumn" : 104, + "endColumn" : 149 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "d8zWWm3EqFA5EO5C7wGqxA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A7_auth_failure/lab3.html.76", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "python.code_injection", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 218, + "endLine" : 218, + "code" : "eval(expression)", + "beginColumn" : 18, + "endColumn" : 33 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 217, + "endLine" : 217, + "code" : "expression = request.POST.get('expression')", + "beginColumn" : 9, + "endColumn" : 18 + }, + "container" : "def mitre_lab_25_api(request)", + "injectionPoint" : "expression", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 218, + "endLine" : 218, + "code" : "eval(expression)", + "beginColumn" : 18, + "endColumn" : 21 + }, + "container" : "def mitre_lab_25_api(request)", + "category" : "code_injection" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 217, + "endLine" : 217, + "code" : "expression = 
request.POST.get('expression')", + "beginColumn" : 9, + "endColumn" : 18 + }, + "variableName" : "expression" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 218, + "endLine" : 218, + "code" : "eval(expression)", + "beginColumn" : 23, + "endColumn" : 32 + }, + "variableName" : "expression" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-95" ], + "tags" : [ "CWE:95", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "N3XpvFKymjpoXAXSuRtKYg", + "cwe" : 95, + "issueId" : "SAS.injection.python.code_injection.introduction/mitre.py.218", + "explanation" : "Improper neutralization of directives in dynamically evaluated code ('Eval Injection')" + }, { + "detector" : "python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 41, + "endLine" : 41, + "code" : "username in users and users[username]['password'] == password", + "beginColumn" : 8, + "endColumn" : 68 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 38, + "endLine" : 38, + "code" : "password = request.form.get('password')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "container" : "flask.Response def login()", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 41, + "endLine" : 41, + "code" : "username in users and users[username]['password'] == password", + "beginColumn" : 30, + "endColumn" : 68 + }, + "container" : "flask.Response def login()", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 38, 
+ "endLine" : 38, + "code" : "password = request.form.get('password')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 41, + "endLine" : 41, + "code" : "username in users and users[username]['password'] == password", + "beginColumn" : 61, + "endColumn" : 68 + }, + "variableName" : "password" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "hPnlfLsHmRf+SqcxH6Llbg", + "cwe" : 208, + "issueId" : "SAS.information_leak.python.observable_timing_discrepancy.dockerized_labs/broken_auth_lab/app.py.41", + "explanation" : "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by monitoring the timing of these comparisons" + }, { + "detector" : "python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 99, + "endLine" : 99, + "code" : "token in password_reset_tokens", + "beginColumn" : 8, + "endColumn" : 37 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 98, + "endLine" : 98, + "code" : "@app.route('/reset/')\ndef reset_form(token):\n if token in password_reset_tokens:\n return render_template('reset.html', token=token)\n return 'Invalid token'\n\n", + "beginColumn" : 16, + "endColumn" : 20 + }, + "container" : "str def reset_form(token)", + "injectionPoint" : "token", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 99, + "endLine" : 99, + "code" : "token in password_reset_tokens", + "beginColumn" : 8, + "endColumn" : 37 + }, 
+ "container" : "str def reset_form(token)", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 98, + "endLine" : 98, + "code" : "token", + "beginColumn" : 16, + "endColumn" : 20 + }, + "variableName" : "token" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 99, + "endLine" : 99, + "code" : "token in password_reset_tokens", + "beginColumn" : 8, + "endColumn" : 12 + }, + "variableName" : "token" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "C0dsHUefwFNvT5pddIBNPQ", + "cwe" : 208, + "issueId" : "SAS.information_leak.python.observable_timing_discrepancy.dockerized_labs/broken_auth_lab/app.py.99", + "explanation" : "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by monitoring the timing of these comparisons" + }, { + "detector" : "python.flask_unsafe_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 8, + "endLine" : 8, + "code" : "app.secret_key = 'yo***********...'", + "beginColumn" : 1, + "endColumn" : 39 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-798" ], + "tags" : [ "CWE:798", "flask", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A5", "OWASP:2021:A7", "PCI-DSS:6.5.6" ], + "uniqueHash" : "H+3p4dHQe9JLQgwIdNrx0g", + "cwe" : 798, + "issueId" : "SAS.misconfiguration.python.flask_unsafe_configuration.dockerized_labs/broken_auth_lab/app.py.8", + "explanation" : "Hardcoded secret key may expose the application to security risks if the key is leaked" + }, { + "detector" : "python.no_use_eval", + "kind" : "risky_values", + "severity" : "low", + "location" 
: { + "filepath" : "introduction/mitre.py", + "beginLine" : 218, + "endLine" : 218, + "code" : "eval(expression)", + "beginColumn" : 18, + "endColumn" : 33 + }, + "language" : "python", + "container" : "def mitre_lab_25_api(request)", + "confidence" : "high", + "cwes" : [ "CWE-95" ], + "tags" : [ "CWE:95", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "eJDMmUXEndDCgVQaNmo7HQ", + "cwe" : 95, + "issueId" : "SAS.risky_values.python.no_use_eval.introduction/mitre.py.218", + "explanation" : "Do not use eval()" + }, { + "detector" : "python.flask_unsafe_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 123, + "endLine" : 123, + "code" : "app.run(host='0.0.0.0', port=5000, debug=True)", + "beginColumn" : 5, + "endColumn" : 50 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-489" ], + "tags" : [ "CWE:489", "flask", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A5", "OWASP:2021:A7", "PCI-DSS:6.5.6" ], + "uniqueHash" : "07fj6tZbtoOXpgkskyEW1g", + "cwe" : 489, + "issueId" : "SAS.misconfiguration.python.flask_unsafe_configuration.dockerized_labs/broken_auth_lab/app.py.123", + "explanation" : "Leftover debug level may lead to sensitive information exposure" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "username = request.form.get('username')", + "beginColumn" : 5, + "endColumn" : 12 + }, + 
"container" : "flask.Response def login()", + "injectionPoint" : "username", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "flask.Response def login()", + "category" : "header_manipulation" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "username = request.form.get('username')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 45, + "endLine" : 45, + "code" : "f\"{username}:{datetime.now()}\".encode()", + "beginColumn" : 45, + "endColumn" : 52 + }, + "variableName" : "username" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 44, + "endColumn" : 56 + }, + "variableName" : "session_token" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], + "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "0PeEap7aYRaHMrEbgviLIA", + "cwe" : 113, + "issueId" : "SAS.injection.python.http_splitting.dockerized_labs/broken_auth_lab/app.py.49", + "explanation" : "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : 
"response.set_cookie('session', session_token)", + "beginColumn" : 13, + "endColumn" : 57 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "username = request.form.get('username')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "container" : "flask.Response def login()", + "injectionPoint" : "username", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "response.set_cookie('session', session_token)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "flask.Response def login()", + "category" : "header_manipulation" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "username = request.form.get('username')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 45, + "endLine" : 45, + "code" : "f\"{username}:{datetime.now()}\".encode()", + "beginColumn" : 45, + "endColumn" : 52 + }, + "variableName" : "username" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "response.set_cookie('session', session_token)", + "beginColumn" : 44, + "endColumn" : 56 + }, + "variableName" : "session_token" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], + "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "kul59Xe2/V2xmTcarQ+6CQ", + "cwe" : 113, + "issueId" : "SAS.injection.python.http_splitting.dockerized_labs/broken_auth_lab/app.py.51", + 
"explanation" : "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "python.command_injection", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 233, + "endLine" : 233, + "code" : "process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)", + "beginColumn" : 31, + "endColumn" : 99 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 240, + "endLine" : 240, + "code" : "ip = request.POST.get('ip')", + "beginColumn" : 9, + "endColumn" : 10 + }, + "container" : "django.http.JsonResponse def mitre_lab_17_api(request)", + "injectionPoint" : "ip", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 242, + "endLine" : 242, + "code" : "command_out(command)", + "beginColumn" : 20, + "endColumn" : 30 + }, + "container" : "django.http.JsonResponse def mitre_lab_17_api(request)", + "category" : "command_injection" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 233, + "endLine" : 233, + "code" : "process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)", + "beginColumn" : 31, + "endColumn" : 99 + }, + "container" : "def command_out(command)", + "injectionPoint" : "command", + "category" : "command_injection" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 240, + "endLine" : 240, + "code" : "ip = request.POST.get('ip')", + "beginColumn" : 9, + "endColumn" : 10 + }, + "variableName" : "ip" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 241, + "endLine" : 241, + "code" : "command = \"nmap \" + ip", + 
"beginColumn" : 29, + "endColumn" : 30 + }, + "variableName" : "ip" + }, { + "kind" : "call", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 242, + "endLine" : 242, + "code" : "command_out(command)", + "beginColumn" : 32, + "endColumn" : 38 + }, + "variableName" : "command" + }, { + "kind" : "call", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 232, + "endLine" : 236, + "beginColumn" : 1, + "endColumn" : 1 + }, + "unitSignature" : "def command_out(command)", + "taintedParameter" : "command", + "path" : [ { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 233, + "endLine" : 233, + "code" : "process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)", + "beginColumn" : 32, + "endColumn" : 38 + }, + "variableName" : "command" + } ] + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-77" ], + "tags" : [ "CWE:77", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "+PIh0lUWpO6OPUk8VASFIg", + "cwe" : 77, + "issueId" : "SAS.injection.python.command_injection.introduction/mitre.py.233", + "explanation" : "Improper neutralization of special elements used in a command ('Command Injection')" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "max_age=30*24*60*60", + "beginColumn" : 59, + "endColumn" : 77 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-539" ], + "properties" : { + "unique.hash.prop" : "persistence" + }, + "tags" : [ "CWE:539", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "34Ep5kGyYIPMN30AEiZD6A", + "cwe" : 539, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.persistence.dockerized_labs/broken_auth_lab/app.py.49", + "explanation" : "Persistent 
cookie: '2,592,000'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "roAhfUyXwUCHL/lEZV+l+Q", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.dockerized_labs/broken_auth_lab/app.py.49", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "bfEXbk8mOD1SX0OVu/XVRQ", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.dockerized_labs/broken_auth_lab/app.py.49", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : 
{ + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "7mDfeEtJEkXQwVoNb7vNqA", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.dockerized_labs/broken_auth_lab/app.py.49", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "response.set_cookie('session', session_token)", + "beginColumn" : 13, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "mGr9MTPg9okDnjD/LNpnvQ", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.dockerized_labs/broken_auth_lab/app.py.51", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "response.set_cookie('session', session_token)", + "beginColumn" : 13, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "Fd25hqgkxW+E1rxA0jpnwQ", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.dockerized_labs/broken_auth_lab/app.py.51", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : 
"dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "response.set_cookie('session', session_token)", + "beginColumn" : 13, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "VM/UlHXqKsvCIJLX2zKKmg", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.dockerized_labs/broken_auth_lab/app.py.51", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.weak_hash_algorithm", + "kind" : "cryptography", + "severity" : "critical", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 86, + "endLine" : 86, + "code" : "hashlib.md5(f\"{email}:{datetime.now()}\".encode()).hexdigest()", + "beginColumn" : 21, + "endColumn" : 81 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-328" ], + "tags" : [ "CCN-AGREED/Hash", "crypto", "CWE:328", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "PCI-DSS:3.6.1" ], + "uniqueHash" : "CAdPrhhx94n4O696+4GQow", + "cwe" : 328, + "issueId" : "SAS.cryptography.python.weak_hash_algorithm.dockerized_labs/broken_auth_lab/app.py.86", + "explanation" : "Hash algorithm md5 should not be used" + }, { + "detector" : "python.server_insecure_transport", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 123, + "endLine" : 123, + "code" : "app.run(host='0.0.0.0', port=5000, debug=True)", + "beginColumn" : 5, + "endColumn" : 50 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-319" ], + "properties" : { + "unique.hash.prop" : "flask" + }, + "tags" : [ "CWE:319", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4" ], + "uniqueHash" : "vAxGlct+D05eBG6cgibtzA", 
+ "cwe" : 319, + "issueId" : "SAS.information_leak.python.server_insecure_transport.flask.dockerized_labs/broken_auth_lab/app.py.123", + "explanation" : "Provide a proper SSL Context so Flask can serve with HTTPS protocol" + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access.html", + "beginLine" : 58, + "endLine" : 58, + "code" : "onclick=\"window.location.href='/broken_access_lab_1'\"", + "beginColumn" : 17, + "endColumn" : 69 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "8DaaRJvfz599wh3kuu5VPA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access.html.58", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access.html", + "beginLine" : 99, + "endLine" : 99, + "code" : "onclick=\"window.location.href='/broken_access_lab_2'\"", + "beginColumn" : 17, + "endColumn" : 69 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "PBMPYY2260DM2GZNnFo3Yg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access.html.99", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access.html", + "beginLine" : 121, + "endLine" : 121, + "code" : "onclick=\"window.location.href='/broken_access_lab_3'\"", + "beginColumn" : 17, + "endColumn" : 69 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ftbLMUIae043obG69fPjGg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access.html.121", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "W6SsV8MNhqHOi2S5syDvGA", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html.14", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 9, + "endColumn" : 58 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "hbT2IJPTuAH7nhacUDIAIg", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html.11", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "Ojjahabgw1LNyiHqnF9GmQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "v/p1KtvmZsf8xGCalpL5hw", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html.14", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html", + "beginLine" : 41, + "endLine" : 41, + "code" : "onclick=\"window.location.href='/ba'\"", + "beginColumn" : 64, + "endColumn" : 99 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "SvplccIgW6O9cta8OE6xpg", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_1.html.41", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "cE9gSyAKnPA7Xbj/BNzA0g", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html.14", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "username = request.form.get('username')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "container" : "flask.Response def login()", + "injectionPoint" : "username", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "flask.Response def login()", + "category" : "cookie_poisoning" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "username = request.form.get('username')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 45, + "endLine" : 45, + "code" : "f\"{username}:{datetime.now()}\".encode()", + "beginColumn" : 45, + "endColumn" : 52 + }, + "variableName" : "username" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 49, + "endLine" : 49, + "code" : "response.set_cookie('session', session_token, max_age=30*24*60*60)", + "beginColumn" : 44, + "endColumn" : 56 + }, + "variableName" : "session_token" + } ] + } ], + "confidence" : "high", + "cwes" : [ 
"CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "KXWAtevE0pnC+nKHZCzQ4w", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.dockerized_labs/broken_auth_lab/app.py.49", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "html.forms_without_csrf_protection", + "kind" : "authentication", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "", + "beginColumn" : 9, + "endColumn" : 58 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "GgweyCybTbp5WWF/+wemRg", + "cwe" : 352, + "issueId" : "SAS.authentication.html.forms_without_csrf_protection.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html.11", + "explanation" : "State-changing forms (POST/PUT/DELETE) require tokens to prevent Cross-Site Request Forgery." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "", + "beginColumn" : 13, + "endColumn" : 78 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "ORL4MEJ3SouYuieSeE1HOg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html.13", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html", + "beginLine" : 14, + "endLine" : 14, + "code" : "", + "beginColumn" : 13, + "endColumn" : 81 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "1DQ8wxjAarDWc/XaX6IpPA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html.14", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html", + "beginLine" : 45, + "endLine" : 45, + "code" : "onclick=\"window.location.href='/broken_access_control'\"", + "beginColumn" : 64, + "endColumn" : 118 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3B+NB9aEUpxKXEYVQft6Ng", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_2.html.45", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "response.set_cookie('session', session_token)", + "beginColumn" : 13, + "endColumn" : 57 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "username = request.form.get('username')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "container" : "flask.Response def login()", + "injectionPoint" : "username", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "response.set_cookie('session', session_token)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "flask.Response def login()", + "category" : "cookie_poisoning" + } ], + "dataPaths" : [ { + "kind" : 
"source", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "username = request.form.get('username')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 45, + "endLine" : 45, + "code" : "f\"{username}:{datetime.now()}\".encode()", + "beginColumn" : 45, + "endColumn" : 52 + }, + "variableName" : "username" + }, { + "kind" : "sink", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 51, + "endLine" : 51, + "code" : "response.set_cookie('session', session_token)", + "beginColumn" : 44, + "endColumn" : 56 + }, + "variableName" : "session_token" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "w57CyqV/0sgoPSVnI/DWRA", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.dockerized_labs/broken_auth_lab/app.py.51", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html", + "beginLine" : 28, + "endLine" : 28, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "4ZV7UtBW0v4I69yJ+xHUQQ", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html.28", + "explanation" : 
"Browsers cache sensitive data which can be extracted from shared devices or by malware." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html", + "beginLine" : 27, + "endLine" : 27, + "code" : "", + "beginColumn" : 17, + "endColumn" : 86 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "WG67CPjMdQVwi4VMNf0ZnA", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html.27", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html", + "beginLine" : 28, + "endLine" : 28, + "code" : "", + "beginColumn" : 17, + "endColumn" : 89 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "6A4NZ+L/sgzRHyusF7q0bg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html.28", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html", + "beginLine" : 38, + "endLine" : 38, + "code" : "onclick=\"window.location.href='/broken_access_control'\"", + "beginColumn" : 64, + "endColumn" : 118 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "fiBDJc53HnksS6bgrtBdmQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A1_BrokenAccessControl/broken_access_lab_3.html.38", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html", + "beginLine" : 27, + "endLine" : 27, + "code" : "onclick=\"window.location.href='/cryptographic_failure/lab'\"", + "beginColumn" : 72, + "endColumn" : 130 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "3V+VoBvTD+pcDghagNAOug", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html.27", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html", + "beginLine" : 46, + "endLine" : 46, + "code" : "onclick=\"window.location.href='/cryptographic_failure/lab2'\"", + "beginColumn" : 72, + "endColumn" : 131 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "O8Qtn7WuxF/R1nBIVJfAcA", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html.46", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html", + "beginLine" : 61, + "endLine" : 61, + "code" : "onclick=\"window.location.href='/cryptographic_failure/lab3'\"", + "beginColumn" : 72, + "endColumn" : 131 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "SiBNl+66Mw6Hn+4urRAsOQ", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html.61", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html", + "beginLine" : 88, + "endLine" : 88, + "code" : "onclick=\"window.location.href='/'\"", + "beginColumn" : 59, + "endColumn" : 92 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "umfgdBnCGOOptaqx8a8Jng", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure.html.88", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "html.autocomplete_enabled_for_sensitive_fields", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "", + "beginColumn" : 13, + "endColumn" : 85 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-522" ], + "tags" : [ "CWE:522", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "bI37ZGmQUZPa5Kx/xZb9UQ", + "cwe" : 522, + "issueId" : "SAS.information_leak.html.autocomplete_enabled_for_sensitive_fields.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html.18", + "explanation" : "Browsers cache sensitive data which can be extracted from shared devices or by malware." 
+ }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html", + "beginLine" : 17, + "endLine" : 17, + "code" : "", + "beginColumn" : 13, + "endColumn" : 82 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "jUOxMADvrEWczgwUNtYYhQ", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html.17", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." + }, { + "detector" : "html.input_fields_without_validation_attributes", + "kind" : "injection", + "severity" : "info", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html", + "beginLine" : 18, + "endLine" : 18, + "code" : "", + "beginColumn" : 13, + "endColumn" : 85 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-20" ], + "tags" : [ "CWE:20", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "EUQhu+53zdRcBK7QaJaDHg", + "cwe" : 20, + "issueId" : "SAS.injection.html.input_fields_without_validation_attributes.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html.18", + "explanation" : "Client-side validation is a \"defense-in-depth\" measure that improves UX and reduces basic attack surface." 
+ }, { + "detector" : "html.inline_javascript_event_handler", + "kind" : "injection", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html", + "beginLine" : 32, + "endLine" : 32, + "code" : "onclick=\"window.location.href='/cryptographic_failure'\"", + "beginColumn" : 48, + "endColumn" : 102 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "HtjTLfS9q5UUfrVzjNzRqw", + "cwe" : 79, + "issueId" : "SAS.injection.html.inline_javascript_event_handler.introduction/templates/Lab_2021/A2_Crypto_failur/crypto_failure_lab.html.32", + "explanation" : "Inline handlers bypass Content Security Policy (CSP) script-src directives and are primary XSS injection points." + }, { + "detector" : "python.django_unsafe_session_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py", + "beginLine" : 1, + "endLine" : 106, + "code" : "import os\nfrom pathlib import Path\n\n# Build paths inside the project like this: BASE_DIR / 'subdir'.\nBASE_DIR = Path(__file__).resolve().parent.parent\n\n# SECURITY WARNING: keep the secret key used in production secret!\nSECRET_KEY = 'django-insecure-key-for-demonstration-only'\n\n# SECURITY WARNING: don't run with debug turned on in production!\nDEBUG ", + "beginColumn" : 1, + "endColumn" : 2 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1275" ], + "properties" : { + "unique.hash.prop" : "samesite" + }, + "tags" : [ "CWE:1275", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "vVEFIc2m0U458OcCW0ibtg", + "cwe" : 1275, + "issueId" : 
"SAS.misconfiguration.python.django_unsafe_session_configuration.samesite.dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py.1", + "explanation" : "Session cookie samesite attribute is not properly configured, application may be vulnerable to CSRF attacks: 'Lax'" + }, { + "detector" : "python.django_unsafe_session_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py", + "beginLine" : 1, + "endLine" : 106, + "code" : "import os\nfrom pathlib import Path\n\n# Build paths inside the project like this: BASE_DIR / 'subdir'.\nBASE_DIR = Path(__file__).resolve().parent.parent\n\n# SECURITY WARNING: keep the secret key used in production secret!\nSECRET_KEY = 'django-insecure-key-for-demonstration-only'\n\n# SECURITY WARNING: don't run with debug turned on in production!\nDEBUG ", + "beginColumn" : 1, + "endColumn" : 2 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "Cm+vPJLJOyUQX9Q17vWrGg", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.django_unsafe_session_configuration.httponly.dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py.1", + "explanation" : "Session cookie HttpOnly flag not enforced" + }, { + "detector" : "python.django_unsafe_session_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py", + "beginLine" : 1, + "endLine" : 106, + "code" : "import os\nfrom pathlib import Path\n\n# Build paths inside the project like this: BASE_DIR / 'subdir'.\nBASE_DIR = Path(__file__).resolve().parent.parent\n\n# SECURITY WARNING: keep the secret key used in production 
secret!\nSECRET_KEY = 'django-insecure-key-for-demonstration-only'\n\n# SECURITY WARNING: don't run with debug turned on in production!\nDEBUG ", + "beginColumn" : 1, + "endColumn" : 2 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "9STv2a6GySoGp3t1hrsnIQ", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.django_unsafe_session_configuration.secure.dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py.1", + "explanation" : "Session cookie Secure flag not enforced" + }, { + "detector" : "python.django_unsafe_session_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py", + "beginLine" : 1, + "endLine" : 106, + "code" : "import os\nfrom pathlib import Path\n\n# Build paths inside the project like this: BASE_DIR / 'subdir'.\nBASE_DIR = Path(__file__).resolve().parent.parent\n\n# SECURITY WARNING: keep the secret key used in production secret!\nSECRET_KEY = 'django-insecure-key-for-demonstration-only'\n\n# SECURITY WARNING: don't run with debug turned on in production!\nDEBUG ", + "beginColumn" : 1, + "endColumn" : 2 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "0tE4B/LfZtKvQfS/8xBlqA", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.django_unsafe_session_configuration.path.dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py.1", + "explanation" : "Session cookie path is not allowed: '/'" + }, { + "detector" : "python.django_unsafe_configuration", + "kind" : "misconfiguration", + "severity" : 
"high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py", + "beginLine" : 8, + "endLine" : 8, + "code" : "SECRET_KEY = 'dj***********...'", + "beginColumn" : 1, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-798" ], + "tags" : [ "CWE-693", "CWE:798", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "OWASP:2021:A5", "OWASP:2021:A7", "PCI-DSS:3.6.1", "PCI-DSS:6.5.6" ], + "uniqueHash" : "92cP19IrHEgaoMj79j82oQ", + "cwe" : 798, + "issueId" : "SAS.misconfiguration.python.django_unsafe_configuration.dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py.8", + "explanation" : "Hardcoded secret key may expose the application to security risks if the key is leaked" + }, { + "detector" : "python.django_unsafe_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py", + "beginLine" : 11, + "endLine" : 11, + "code" : "DEBUG = True", + "beginColumn" : 1, + "endColumn" : 12 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-489" ], + "tags" : [ "CWE-693", "CWE:489", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "OWASP:2021:A5", "OWASP:2021:A7", "PCI-DSS:3.6.1", "PCI-DSS:6.5.6" ], + "uniqueHash" : "oBUQmnmDUPLvqhF/ZEiW4g", + "cwe" : 489, + "issueId" : "SAS.misconfiguration.python.django_unsafe_configuration.dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py.11", + "explanation" : "Leftover debug level may lead to sensitive information exposure" + }, { + "detector" : "python.django_unsafe_configuration", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py", + "beginLine" : 13, + "endLine" : 13, + "code" : "ALLOWED_HOSTS = ['*']", + "beginColumn" : 1, + 
"endColumn" : 21 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-284" ], + "tags" : [ "CWE-693", "CWE:284", "django", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "OWASP:2021:A5", "OWASP:2021:A7", "PCI-DSS:3.6.1", "PCI-DSS:6.5.6" ], + "uniqueHash" : "EHoHE43TE/ek1TGxUHcEmw", + "cwe" : 284, + "issueId" : "SAS.misconfiguration.python.django_unsafe_configuration.dockerized_labs/sensitive_data_exposure/sensitive_data_lab/settings.py.13", + "explanation" : "Using concrete hosts within the ALLOWED_HOSTS setting helps to prevent HTTP host header attacks" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/about.html", + "beginLine" : 5, + "endLine" : 5, + "code" : "", + "beginColumn" : 5, + "endColumn" : 107 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "MI7ASEqEpxhxsJ0PCKFPqQ", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/about.html.5", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/about.html", + "beginLine" : 91, + "endLine" : 91, + "code" : "", + "beginColumn" : 5, + "endColumn" : 76 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "6IoXreKf9OkU84iHZNbIXg", + "cwe" : 353, + "issueId" : 
"SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/about.html.91", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/about.html", + "beginLine" : 92, + "endLine" : 92, + "code" : "", + "beginColumn" : 5, + "endColumn" : 96 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "i2W/yBN/SdYFkkvWAEKung", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/about.html.92", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_resource_integrity", + "kind" : "access_control", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/about.html", + "beginLine" : 93, + "endLine" : 93, + "code" : "", + "beginColumn" : 5, + "endColumn" : 98 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-353" ], + "tags" : [ "CWE:353", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "CsKf80vDqN4no9uee/o+3A", + "cwe" : 353, + "issueId" : "SAS.access_control.html.missing_resource_integrity.dockerized_labs/sensitive_data_exposure/templates/about.html.93", + "explanation" : "Remote resource without integrity checks can lead to the execution of arbitrary code" + }, { + "detector" : "html.missing_tabnabbing_protection", + "kind" : "access_control", + "severity" : "low", + "location" : { + "filepath" : 
"dockerized_labs/sensitive_data_exposure/templates/about.html", + "beginLine" : 84, + "endLine" : 84, + "code" : "", + "beginColumn" : 25, + "endColumn" : 113 + }, + "language" : "html", + "confidence" : "high", + "cwes" : [ "CWE-1021" ], + "tags" : [ "CWE:1021", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.4", "PCI-DSS:6.5.6" ], + "uniqueHash" : "9k0h81IhuI10UKnadxOdZw", + "cwe" : 1021, + "issueId" : "SAS.access_control.html.missing_tabnabbing_protection.dockerized_labs/sensitive_data_exposure/templates/about.html.84", + "explanation" : "target=\"_blank\" allows a new page to access the window.opener object, enabling phishing redirects." + }, { + "detector" : "javascript.resource_injection", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/static/Lab/xss.js", + "beginLine" : 36, + "endLine" : 36, + "code" : "xhr.open(\"POST\", url, true)", + "beginColumn" : 8, + "endColumn" : 34 + }, + "language" : "javascript", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/static/Lab/xss.js", + "beginLine" : 35, + "endLine" : 35, + "code" : "url = $(\"#Url\").attr(\"data-url\")", + "beginColumn" : 13, + "endColumn" : 15 + }, + "container" : "function SendToServer()", + "injectionPoint" : "url = $(\"#Url\").attr(\"data-url\")", + "category" : "user_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/static/Lab/xss.js", + "beginLine" : 36, + "endLine" : 36, + "code" : "xhr.open(\"POST\", url, true)", + "beginColumn" : 8, + "endColumn" : 34 + }, + "category" : "resource_injection" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/static/Lab/xss.js", + "beginLine" : 35, + "endLine" : 35, + "code" : "url = $(\"#Url\").attr(\"data-url\")", + "beginColumn" : 13, + "endColumn" : 44 + }, + "variableName" : "url" + }, { + "kind" : "sink", + "location" : { + "filepath" : 
"introduction/static/Lab/xss.js", + "beginLine" : 36, + "endLine" : 36, + "code" : "xhr.open(\"POST\", url, true)", + "beginColumn" : 25, + "endColumn" : 27 + }, + "variableName" : "url" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-99" ], + "tags" : [ "CWE:99", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "DMddQkIIozvR6P29hOtkvg", + "cwe" : 99, + "issueId" : "SAS.injection.javascript.resource_injection.introduction/static/Lab/xss.js.36", + "explanation" : "Improper control of resource identifiers ('Resource Injection')" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 13, + "endColumn" : 55 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 160, + "endLine" : 160, + "code" : "username = request.POST.get('username')", + "beginColumn" : 9, + "endColumn" : 16 + }, + "container" : "def csrf_lab_login(request)", + "injectionPoint" : "username", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "def csrf_lab_login(request)", + "category" : "header_manipulation" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 160, + "endLine" : 160, + "code" : "username = request.POST.get('username')", + "beginColumn" : 9, + "endColumn" : 16 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 165, + "endLine" : 165, + "code" : 
"payload ={\n 'username': username,\n 'exp': datetime.datetime.utcnow() + datetime.timedelta(seconds=300),\n 'iat': datetime.datetime.utcnow()\n }", + "beginColumn" : 29, + "endColumn" : 36 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 169, + "endLine" : 169, + "code" : "jwt.encode(payload, 'csrf_vulneribility', algorithm='HS256')", + "beginColumn" : 33, + "endColumn" : 39 + }, + "variableName" : "payload" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 49, + "endColumn" : 54 + }, + "variableName" : "cookie" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], + "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "A5qoU/bimUpTxrav8OHgrw", + "cwe" : 113, + "issueId" : "SAS.injection.python.http_splitting.introduction/mitre.py.171", + "explanation" : "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "javascript.cross_site_scripting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/static/js/a9.js", + "beginLine" : 40, + "endLine" : 40, + "code" : "li.innerHTML = data.logs[i]", + "beginColumn" : 13, + "endColumn" : 39 + }, + "language" : "javascript", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/static/js/a9.js", + "beginLine" : 34, + "endLine" : 34, + "code" : "result", + "beginColumn" : 11, + "endColumn" : 16 + }, + "container" : "function function:13:45()", + "injectionPoint" : "result", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/static/js/a9.js", + "beginLine" : 40, + "endLine" : 40, + "code" : "li.innerHTML = 
data.logs[i]", + "beginColumn" : 15, + "endColumn" : 24 + }, + "category" : "xss" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.7" ], + "uniqueHash" : "KWUvbMap38tBrbOqSgam/A", + "cwe" : 79, + "issueId" : "SAS.injection.javascript.cross_site_scripting.introduction/static/js/a9.js.40", + "explanation" : "Improper neutralization of input during web page generation ('Cross-site Scripting' aka 'XSS')" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 176, + "endLine" : 190, + "code" : "@authentication_decorator\n@csrf_exempt\ndef csrf_transfer_monei(request):\n if request.method == 'GET':\n try:\n cookie = request.COOKIES['auth_cookiee']\n payload = jwt.decode(cookie, 'csrf_vulneribility', algorithms=['HS256'])\n username = payload['username']\n User = CSRF_user_tbl.objects.filter(use", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "a50GaZ12tCaodmD+D/iW0w", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/mitre.py.176", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 214, + "endLine" : 223, + "code" : "@csrf_exempt\ndef mitre_lab_25_api(request):\n if request.method == \"POST\":\n expression = request.POST.get('expression')\n result = eval(expression)\n return JsonResponse({'result': result})\n else:\n return redirect('/mitre/25/lab/')\n\n\n", + "beginColumn" : 1, + "endColumn" : 1 + 
}, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "y1aXolm3ub5UQoxc1FslNQ", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/mitre.py.214", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 237, + "endLine" : 247, + "code" : "@csrf_exempt\ndef mitre_lab_17_api(request):\n if request.method == \"POST\":\n ip = request.POST.get('ip')\n command = \"nmap \" + ip \n res, err = command_out(command)\n res = res.decode()\n err = err.decode()\n pattern = \"STATE SERVICE.*\\\\n\\\\n\"\n ports = re.findall(pattern, res,re.DOTALL)[0][14:-2].split('\\", + "beginColumn" : 1, + "endColumn" : 88 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "EAgFwIgneKtmjgVA136zxw", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/mitre.py.237", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.hardcoded_cryptographic_key", + "kind" : "predictability", + "severity" : "critical", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 169, + "endLine" : 169, + "code" : "jwt.encode(payload, 'cs***********...', algorithm='HS256')", + "beginColumn" : 22, + "endColumn" : 81 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-321" ], + "tags" : [ "CCN-PITFALL/KeyManagement", "crypto", "CWE:321", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "PCI-DSS:3.6.3" ], + "uniqueHash" : "FYjW0OsGKzEsuaoqLwvX0Q", + 
"cwe" : 321, + "issueId" : "SAS.predictability.python.hardcoded_cryptographic_key.introduction/mitre.py.169", + "explanation" : "Hardcoded cryptographic key: cs***********..." + }, { + "detector" : "python.hardcoded_cryptographic_key", + "kind" : "predictability", + "severity" : "critical", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 182, + "endLine" : 182, + "code" : "jwt.decode(cookie, 'cs***********...', algorithms=['HS256'])", + "beginColumn" : 23, + "endColumn" : 84 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-321" ], + "tags" : [ "CCN-PITFALL/KeyManagement", "crypto", "CWE:321", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "PCI-DSS:3.6.3" ], + "uniqueHash" : "4I2Zx4d4xRaw+Xbvn/ayPw", + "cwe" : 321, + "issueId" : "SAS.predictability.python.hardcoded_cryptographic_key.introduction/mitre.py.182", + "explanation" : "Hardcoded cryptographic key: cs***********..." + }, { + "detector" : "python.hardcoded_cryptographic_key", + "kind" : "predictability", + "severity" : "critical", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 194, + "endLine" : 194, + "code" : "jwt.decode(cookie, 'cs***********...', algorithms=['HS256'])", + "beginColumn" : 19, + "endColumn" : 80 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-321" ], + "tags" : [ "CCN-PITFALL/KeyManagement", "crypto", "CWE:321", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "PCI-DSS:3.6.3" ], + "uniqueHash" : "4I2Zx4d4xRaw+Xbvn/ayPw", + "cwe" : 321, + "issueId" : "SAS.predictability.python.hardcoded_cryptographic_key.introduction/mitre.py.194", + "explanation" : "Hardcoded cryptographic key: cs***********..." 
+ }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 13, + "endColumn" : 55 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "8LifGRVyh0h2041EaHW50w", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/mitre.py.171", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 13, + "endColumn" : 55 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "yod09LMYodgW2J8gJsMtZw", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/mitre.py.171", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 13, + "endColumn" : 55 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : 
"ax/fzssrpKsyxClFV8HYog", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/mitre.py.171", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.weak_hash_algorithm", + "kind" : "cryptography", + "severity" : "critical", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 161, + "endLine" : 161, + "code" : "md5(password.encode()).hexdigest()", + "beginColumn" : 20, + "endColumn" : 53 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-328" ], + "tags" : [ "CCN-AGREED/Hash", "crypto", "CWE:328", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "PCI-DSS:3.6.1" ], + "uniqueHash" : "w5nokKLWhwWy/hO3W3qM7w", + "cwe" : 328, + "issueId" : "SAS.cryptography.python.weak_hash_algorithm.introduction/mitre.py.161", + "explanation" : "Hash algorithm md5 should not be used" + }, { + "detector" : "python.external_request_dos", + "kind" : "resource_management", + "severity" : "high", + "location" : { + "filepath" : "introduction/playground/A6/soln.py", + "beginLine" : 9, + "endLine" : 9, + "code" : "requests.get(url)", + "beginColumn" : 20, + "endColumn" : 36 + }, + "language" : "python", + "container" : "list def check_vuln(list_of_modules)", + "confidence" : "high", + "cwes" : [ "CWE-1088" ], + "tags" : [ "CWE:1088", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "0EjV7FzQk8r/ixsaaY2oUw", + "cwe" : 1088, + "issueId" : "SAS.resource_management.python.external_request_dos.introduction/playground/A6/soln.py.9", + "explanation" : "External request performed without a timeout" + }, { + "detector" : "python.execution_after_redirect", + "kind" : "other", + "severity" : "low", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 170, + "endLine" : 170, + "code" : "response = redirect(\"/mitre/9/lab/transaction\")", + "beginColumn" : 13, + "endColumn" : 59 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-698" ], 
+ "tags" : [ "CWE:698", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "EO/9ru7gBctce0JbEuICxg", + "cwe" : 698, + "issueId" : "SAS.other.python.execution_after_redirect.introduction/mitre.py.170", + "explanation" : "Execution after redirect ('EAR')" + }, { + "detector" : "python.external_request_dos", + "kind" : "resource_management", + "severity" : "high", + "location" : { + "filepath" : "introduction/playground/A6/utility.py", + "beginLine" : 9, + "endLine" : 9, + "code" : "requests.get(url)", + "beginColumn" : 20, + "endColumn" : 36 + }, + "language" : "python", + "container" : "list def check_vuln(list_of_modules)", + "confidence" : "high", + "cwes" : [ "CWE-1088" ], + "tags" : [ "CWE:1088", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "5onwadRPK6XyuYLLwv0YBA", + "cwe" : 1088, + "issueId" : "SAS.resource_management.python.external_request_dos.introduction/playground/A6/utility.py.9", + "explanation" : "External request performed without a timeout" + }, { + "detector" : "python.information_exposure_through_external_request", + "kind" : "information_leak", + "severity" : "low", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 83, + "endLine" : 83, + "code" : "requests.request(\"PATCH\", url, data=payload)", + "beginColumn" : 9, + "endColumn" : 52 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 80, + "endLine" : 80, + "code" : "payload={'csrfmiddlewaretoken': csrf_token }", + "beginColumn" : 41, + "endColumn" : 50 + }, + "container" : "django.http.JsonResponse def log_function_checker(request)", + "injectionPoint" : "payload", + "category" : "sensitive_data" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 83, + "endLine" : 83, + "code" : "requests.request(\"PATCH\", url, data=payload)", + "beginColumn" : 18, + "endColumn" : 24 + }, + "container" : 
"django.http.JsonResponse def log_function_checker(request)", + "category" : "sensitive_data" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-201" ], + "tags" : [ "CWE:201", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4" ], + "uniqueHash" : "EyQjjJdbO54QQRG8iTvgmw", + "cwe" : 201, + "issueId" : "SAS.information_leak.python.information_exposure_through_external_request.introduction/apis.py.83", + "explanation" : "Sensitive information leakage through external request. Found: 'csrf_token' categorized with data kind: 'access_control'" + }, { + "detector" : "python.external_request_dos", + "kind" : "resource_management", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 81, + "endLine" : 81, + "code" : "requests.request(\"GET\", url)", + "beginColumn" : 9, + "endColumn" : 36 + }, + "language" : "python", + "container" : "django.http.JsonResponse def log_function_checker(request)", + "confidence" : "high", + "cwes" : [ "CWE-1088" ], + "tags" : [ "CWE:1088", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "pZP3LtXIw8+ID9Dy2NASDw", + "cwe" : 1088, + "issueId" : "SAS.resource_management.python.external_request_dos.introduction/apis.py.81", + "explanation" : "External request performed without a timeout" + }, { + "detector" : "python.external_request_dos", + "kind" : "resource_management", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 82, + "endLine" : 82, + "code" : "requests.request(\"POST\", url)", + "beginColumn" : 9, + "endColumn" : 37 + }, + "language" : "python", + "container" : "django.http.JsonResponse def log_function_checker(request)", + "confidence" : "high", + "cwes" : [ "CWE-1088" ], + "tags" : [ "CWE:1088", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "78Tv7zN+0tE/q9tMQt5FHQ", + "cwe" : 1088, + "issueId" : "SAS.resource_management.python.external_request_dos.introduction/apis.py.82", + "explanation" : "External 
request performed without a timeout" + }, { + "detector" : "python.external_request_dos", + "kind" : "resource_management", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 83, + "endLine" : 83, + "code" : "requests.request(\"PATCH\", url, data=payload)", + "beginColumn" : 9, + "endColumn" : 52 + }, + "language" : "python", + "container" : "django.http.JsonResponse def log_function_checker(request)", + "confidence" : "high", + "cwes" : [ "CWE-1088" ], + "tags" : [ "CWE:1088", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "I0HftXEw3UX6m3PMMG2tbA", + "cwe" : 1088, + "issueId" : "SAS.resource_management.python.external_request_dos.introduction/apis.py.83", + "explanation" : "External request performed without a timeout" + }, { + "detector" : "python.external_request_dos", + "kind" : "resource_management", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 84, + "endLine" : 84, + "code" : "requests.request(\"DELETE\", url)", + "beginColumn" : 9, + "endColumn" : 39 + }, + "language" : "python", + "container" : "django.http.JsonResponse def log_function_checker(request)", + "confidence" : "high", + "cwes" : [ "CWE-1088" ], + "tags" : [ "CWE:1088", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "8iMxRIsOGVKPOEX5XUkPIg", + "cwe" : 1088, + "issueId" : "SAS.resource_management.python.external_request_dos.introduction/apis.py.84", + "explanation" : "External request performed without a timeout" + }, { + "detector" : "python.path_traversal", + "kind" : "path_resolution", + "severity" : "critical", + "location" : { + "filepath" : "introduction/playground/ssrf/main.py", + "beginLine" : 8, + "endLine" : 8, + "code" : "open(filename,\"r\")", + "beginColumn" : 16, + "endColumn" : 19 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 27, + "endLine" : 27, 
+ "code" : "html_code = request.POST['html_code']", + "beginColumn" : 13, + "endColumn" : 21 + }, + "container" : "django.http.JsonResponse def ssrf_code_checker(request)", + "injectionPoint" : "html_code", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 38, + "endLine" : 38, + "code" : "main.ssrf_lab(inputs)", + "beginColumn" : 37, + "endColumn" : 44 + }, + "container" : "django.http.JsonResponse def ssrf_code_checker(request)", + "category" : "path_traversal" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/playground/ssrf/main.py", + "beginLine" : 8, + "endLine" : 8, + "code" : "open(filename,\"r\")", + "beginColumn" : 16, + "endColumn" : 19 + }, + "container" : "dict def ssrf_lab(file)", + "injectionPoint" : "file", + "category" : "path_traversal" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 27, + "endLine" : 27, + "code" : "html_code = request.POST['html_code']", + "beginColumn" : 13, + "endColumn" : 21 + }, + "variableName" : "html_code" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 30, + "endLine" : 30, + "code" : "ssrf_html_input_extractor(html_code)", + "beginColumn" : 53, + "endColumn" : 61 + }, + "variableName" : "html_code" + }, { + "kind" : "call", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 37, + "endLine" : 37, + "code" : "test_bench1", + "beginColumn" : 27, + "endColumn" : 37 + }, + "variableName" : "test_bench1" + }, { + "kind" : "call", + "location" : { + "filepath" : "introduction/playground/ssrf/main.py", + "beginLine" : 4, + "endLine" : 12, + "beginColumn" : 1, + "endColumn" : 41 + }, + "unitSignature" : "dict def ssrf_lab(file)", + "taintedParameter" : "file", + "path" : [ { + "kind" : "sink", + "location" : { + "filepath" : "introduction/playground/ssrf/main.py", + "beginLine" : 7, + 
"endLine" : 7, + "code" : "open(filename,\"r\")", + "beginColumn" : 42, + "endColumn" : 45 + }, + "variableName" : "file" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/playground/ssrf/main.py", + "beginLine" : 8, + "endLine" : 8, + "code" : "open(filename,\"r\")", + "beginColumn" : 21, + "endColumn" : 28 + }, + "variableName" : "filename" + } ] + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-22" ], + "tags" : [ "CWE:22", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "OWASP:2021:A5", "PCI-DSS:6.5.8" ], + "uniqueHash" : "pJidOJVYi2bc8S0RbI0Uww", + "cwe" : 22, + "issueId" : "SAS.path_resolution.python.path_traversal.introduction/playground/ssrf/main.py.8", + "explanation" : "Improper limitation of a pathname to a restricted directory" + }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 13, + "endColumn" : 55 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 160, + "endLine" : 160, + "code" : "username = request.POST.get('username')", + "beginColumn" : 9, + "endColumn" : 16 + }, + "container" : "def csrf_lab_login(request)", + "injectionPoint" : "username", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "def csrf_lab_login(request)", + "category" : "cookie_poisoning" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 160, + "endLine" : 160, + "code" : "username = request.POST.get('username')", + 
"beginColumn" : 9, + "endColumn" : 16 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 165, + "endLine" : 165, + "code" : "payload ={\n 'username': username,\n 'exp': datetime.datetime.utcnow() + datetime.timedelta(seconds=300),\n 'iat': datetime.datetime.utcnow()\n }", + "beginColumn" : 29, + "endColumn" : 36 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 169, + "endLine" : 169, + "code" : "jwt.encode(payload, 'csrf_vulneribility', algorithm='HS256')", + "beginColumn" : 33, + "endColumn" : 39 + }, + "variableName" : "payload" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/mitre.py", + "beginLine" : 171, + "endLine" : 171, + "code" : "response.set_cookie('auth_cookiee', cookie)", + "beginColumn" : 49, + "endColumn" : 54 + }, + "variableName" : "cookie" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "+GP6mLpoMMUXbacqlkwMLQ", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.introduction/mitre.py.171", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 22, + "endLine" : 58, + "code" : "@csrf_exempt\ndef ssrf_code_checker(request):\n if request.user.is_authenticated:\n if request.method == 'POST':\n python_code = request.POST['python_code']\n html_code = request.POST['html_code']\n if not (ssrf_code_converter(python_code)):\n return JsonResponse({\"status\": \"error\", \"message\": \"Inv", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ 
"CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "93mY16lJPqLVIhHE2xcLJw", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/apis.py.22", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 59, + "endLine" : 92, + "code" : "@csrf_exempt\n# @authentication_decorator\ndef log_function_checker(request):\n if request.method == 'POST':\n csrf_token = request.POST.get(\"csrfmiddlewaretoken\")\n log_code = request.POST.get('log_code')\n api_code = request.POST.get('api_code')\n dirname = os.path.dirname(__file__)\n log_filename = os.path.join(dirn", + "beginColumn" : 1, + "endColumn" : 21 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "fz+EaVgkx6c8NGH/C5fWkQ", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/apis.py.59", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 93, + "endLine" : 111, + "code" : "@csrf_exempt\ndef A7_disscussion_api(request):\n if request.method != 'POST':\n return JsonResponse({\"message\":\"method not allowed\"},status = 405)\n\n try:\n code = request.POST.get('code')\n except:\n return JsonResponse({\"message\":\"missing code\"},status = 400)\n\n search_snipet = \"AF_session_id.objects.get(sesssion_id = coo", + "beginColumn" : 1, + "endColumn" : 21 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ 
"CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "Q75uLvFdW2uPgk7ROEIGfQ", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/apis.py.93", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 112, + "endLine" : 124, + "code" : "@csrf_exempt\ndef A6_disscussion_api(request):\n test_bench = [\"Pillow==8.0.0\",\"PyJWT==2.4.0\",\"requests==2.28.0\",\"Django==4.0.4\"]\n \n try:\n result = check_vuln(test_bench)\n print(len(result))\n if result:\n return JsonResponse({\"message\":\"success\",\"vulns\":result},status = 200)\n return JsonResponse({\"messag", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "Co7hqHDZHJurOpMQCuY9nQ", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/apis.py.112", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/apis.py", + "beginLine" : 125, + "endLine" : 138, + "code" : "@csrf_exempt\ndef A6_disscussion_api_2(request):\n if request.method != 'POST':\n return JsonResponse({\"message\":\"method not allowed\"},status = 405)\n try:\n code = request.POST.get('code')\n dirname = os.path.dirname(__file__)\n filename = os.path.join(dirname, \"playground/A6/utility.py\")\n f = open(filename,\"w\")\n ", + "beginColumn" : 1, + "endColumn" : 60 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ 
"CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "rsIOj1zGtv8EAuuaM77LHA", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/apis.py.125", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.insecure_parser", + "kind" : "misconfiguration", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 260, + "endLine" : 260, + "code" : "parseString(request.body.decode('utf-8'), parser=parser)", + "beginColumn" : 11, + "endColumn" : 66 + }, + "language" : "python", + "container" : "django.http.HttpResponse def xxe_parse(request)", + "confidence" : "high", + "cwes" : [ "CWE-502" ], + "tags" : [ "CWE:502", "in-app-code", "in-repo", "OWASP:2021:A5", "OWASP:2021:A8", "PCI-DSS:6.5.1", "python3" ], + "uniqueHash" : "vyHO0uHW8xxh9ui+Pg/ghQ", + "cwe" : 502, + "issueId" : "SAS.misconfiguration.python.insecure_parser.introduction/views.py.260", + "explanation" : "This parser is deemed insecure because its use may result in XXE vulnerabilities" + }, { + "detector" : "python.insecure_parser", + "kind" : "misconfiguration", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 560, + "endLine" : 560, + "code" : "yaml.load(file,yaml.Loader)", + "beginColumn" : 28, + "endColumn" : 54 + }, + "language" : "python", + "container" : "def a9_lab(request)", + "confidence" : "high", + "cwes" : [ "CWE-502" ], + "tags" : [ "CWE:502", "in-app-code", "in-repo", "OWASP:2021:A5", "OWASP:2021:A8", "PCI-DSS:6.5.1", "pyyaml" ], + "uniqueHash" : "grRNY8LnzJsxJRw9Cbzt8w", + "cwe" : 502, + "issueId" : "SAS.misconfiguration.python.insecure_parser.introduction/views.py.560", + "explanation" : "This parser is deemed insecure because its use may result in code deserialization injection vulnerabilities" + }, { + "detector" : 
"python.code_injection_deserialization", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 214, + "endLine" : 214, + "code" : "pickle.loads(token)", + "beginColumn" : 21, + "endColumn" : 39 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 208, + "endLine" : 208, + "code" : "token = request.COOKIES.get('token')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "container" : "def insec_des_lab(request)", + "injectionPoint" : "token", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 214, + "endLine" : 214, + "code" : "pickle.loads(token)", + "beginColumn" : 28, + "endColumn" : 32 + }, + "container" : "def insec_des_lab(request)", + "category" : "code_injection_deserialization" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 208, + "endLine" : 208, + "code" : "token = request.COOKIES.get('token')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "variableName" : "token" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 213, + "endLine" : 213, + "code" : "base64.b64decode(token)", + "beginColumn" : 38, + "endColumn" : 42 + }, + "variableName" : "token" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 214, + "endLine" : 214, + "code" : "pickle.loads(token)", + "beginColumn" : 34, + "endColumn" : 38 + }, + "variableName" : "token" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-502" ], + "tags" : [ "CWE:502", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.1", "python3" ], + "uniqueHash" : "80fbpT3pHfxiL25dgPUwOg", + "cwe" : 502, + "issueId" : 
"SAS.injection.python.code_injection_deserialization.introduction/views.py.214", + "explanation" : "Improper deserialization of untrusted data" + }, { + "detector" : "python.code_injection_deserialization", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 560, + "endLine" : 560, + "code" : "yaml.load(file,yaml.Loader)", + "beginColumn" : 28, + "endColumn" : 54 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 558, + "endLine" : 558, + "code" : "file=request.FILES[\"file\"]", + "beginColumn" : 17, + "endColumn" : 20 + }, + "container" : "def a9_lab(request)", + "injectionPoint" : "file", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 560, + "endLine" : 560, + "code" : "yaml.load(file,yaml.Loader)", + "beginColumn" : 33, + "endColumn" : 36 + }, + "container" : "def a9_lab(request)", + "category" : "code_injection_deserialization" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 558, + "endLine" : 558, + "code" : "file=request.FILES[\"file\"]", + "beginColumn" : 17, + "endColumn" : 20 + }, + "variableName" : "file" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 560, + "endLine" : 560, + "code" : "yaml.load(file,yaml.Loader)", + "beginColumn" : 38, + "endColumn" : 41 + }, + "variableName" : "file" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-502" ], + "tags" : [ "CWE:502", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A8", "PCI-DSS:6.5.1", "pyyaml" ], + "uniqueHash" : "7mxG/Z9ni3GjdwW3pY7kRQ", + "cwe" : 502, + "issueId" : "SAS.injection.python.code_injection_deserialization.introduction/views.py.560", + "explanation" : "Improper deserialization of untrusted 
data" + }, { + "detector" : "python.code_injection", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 460, + "endLine" : 460, + "code" : "eval(val)", + "beginColumn" : 26, + "endColumn" : 34 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 456, + "endLine" : 456, + "code" : "val=request.POST.get('val')", + "beginColumn" : 13, + "endColumn" : 15 + }, + "container" : "def cmd_lab2(request)", + "injectionPoint" : "val", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 460, + "endLine" : 460, + "code" : "eval(val)", + "beginColumn" : 26, + "endColumn" : 29 + }, + "container" : "def cmd_lab2(request)", + "category" : "code_injection" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 456, + "endLine" : 456, + "code" : "val=request.POST.get('val')", + "beginColumn" : 13, + "endColumn" : 15 + }, + "variableName" : "val" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 460, + "endLine" : 460, + "code" : "eval(val)", + "beginColumn" : 31, + "endColumn" : 33 + }, + "variableName" : "val" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-95" ], + "tags" : [ "CWE:95", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "rXSLzNr1vk/j5hag3vT8OA", + "cwe" : 95, + "issueId" : "SAS.injection.python.code_injection.introduction/views.py.460", + "explanation" : "Improper neutralization of directives in dynamically evaluated code ('Eval Injection')" + }, { + "detector" : "python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 766, + "endLine" : 
766, + "code" : "name=='jack' and password=='jacktheripper'", + "beginColumn" : 15, + "endColumn" : 56 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 754, + "endLine" : 754, + "code" : "password = request.POST.get('pass')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "container" : "def a1_broken_access_lab_1(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 766, + "endLine" : 766, + "code" : "name=='jack' and password=='jacktheripper'", + "beginColumn" : 32, + "endColumn" : 56 + }, + "container" : "def a1_broken_access_lab_1(request)", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 754, + "endLine" : 754, + "code" : "password = request.POST.get('pass')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 766, + "endLine" : 766, + "code" : "name=='jack' and password=='jacktheripper'", + "beginColumn" : 32, + "endColumn" : 39 + }, + "variableName" : "password" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "RXR7RBfrF+ymRcyIjn+wiQ", + "cwe" : 208, + "issueId" : "SAS.information_leak.python.observable_timing_discrepancy.introduction/views.py.766", + "explanation" : "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by monitoring the timing of these comparisons" + }, { + "detector" : "python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : 
"introduction/views.py", + "beginLine" : 806, + "endLine" : 806, + "code" : "name=='jack' and password=='jacktheripper'", + "beginColumn" : 16, + "endColumn" : 57 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 790, + "endLine" : 790, + "code" : "password = request.POST.get('pass')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "container" : "def a1_broken_access_lab_2(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 806, + "endLine" : 806, + "code" : "name=='jack' and password=='jacktheripper'", + "beginColumn" : 33, + "endColumn" : 57 + }, + "container" : "def a1_broken_access_lab_2(request)", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 790, + "endLine" : 790, + "code" : "password = request.POST.get('pass')", + "beginColumn" : 5, + "endColumn" : 12 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 806, + "endLine" : 806, + "code" : "name=='jack' and password=='jacktheripper'", + "beginColumn" : 33, + "endColumn" : 40 + }, + "variableName" : "password" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "RXR7RBfrF+ymRcyIjn+wiQ", + "cwe" : 208, + "issueId" : "SAS.information_leak.python.observable_timing_discrepancy.introduction/views.py.806", + "explanation" : "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by monitoring the timing of these comparisons" + }, { + "detector" : "python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : 
"high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 831, + "endLine" : 831, + "code" : "username == 'John' and password == 'reaper'", + "beginColumn" : 12, + "endColumn" : 54 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 829, + "endLine" : 829, + "code" : "password = request.POST[\"password\"]", + "beginColumn" : 9, + "endColumn" : 16 + }, + "container" : "def a1_broken_access_lab_3(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 831, + "endLine" : 831, + "code" : "username == 'John' and password == 'reaper'", + "beginColumn" : 35, + "endColumn" : 54 + }, + "container" : "def a1_broken_access_lab_3(request)", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 829, + "endLine" : 829, + "code" : "password = request.POST[\"password\"]", + "beginColumn" : 9, + "endColumn" : 16 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 831, + "endLine" : 831, + "code" : "username == 'John' and password == 'reaper'", + "beginColumn" : 35, + "endColumn" : 42 + }, + "variableName" : "password" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "cyUe1K9ulZ5F2Z8QBSSCPA", + "cwe" : 208, + "issueId" : "SAS.information_leak.python.observable_timing_discrepancy.introduction/views.py.831", + "explanation" : "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by monitoring the timing of these comparisons" + }, { + "detector" : 
"python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 833, + "endLine" : 833, + "code" : "username == 'admin' and password == 'admin_pass'", + "beginColumn" : 14, + "endColumn" : 61 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 829, + "endLine" : 829, + "code" : "password = request.POST[\"password\"]", + "beginColumn" : 9, + "endColumn" : 16 + }, + "container" : "def a1_broken_access_lab_3(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 833, + "endLine" : 833, + "code" : "username == 'admin' and password == 'admin_pass'", + "beginColumn" : 38, + "endColumn" : 61 + }, + "container" : "def a1_broken_access_lab_3(request)", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 829, + "endLine" : 829, + "code" : "password = request.POST[\"password\"]", + "beginColumn" : 9, + "endColumn" : 16 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 833, + "endLine" : 833, + "code" : "username == 'admin' and password == 'admin_pass'", + "beginColumn" : 38, + "endColumn" : 45 + }, + "variableName" : "password" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "Tv2peNjeY1IYT5EiZhsCeQ", + "cwe" : 208, + "issueId" : "SAS.information_leak.python.observable_timing_discrepancy.introduction/views.py.833", + "explanation" : "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by 
monitoring the timing of these comparisons" + }, { + "detector" : "python.observable_timing_discrepancy", + "kind" : "information_leak", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1072, + "endLine" : 1072, + "code" : "username == \"User\" and password == \"P@$$w0rd\"", + "beginColumn" : 20, + "endColumn" : 64 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1070, + "endLine" : 1070, + "code" : "password = request.POST[\"password\"]", + "beginColumn" : 13, + "endColumn" : 20 + }, + "container" : "django.http.HttpResponse def crypto_failure_lab3(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1072, + "endLine" : 1072, + "code" : "username == \"User\" and password == \"P@$$w0rd\"", + "beginColumn" : 43, + "endColumn" : 64 + }, + "container" : "django.http.HttpResponse def crypto_failure_lab3(request)", + "category" : "observable_timing_discrepancy" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1070, + "endLine" : 1070, + "code" : "password = request.POST[\"password\"]", + "beginColumn" : 13, + "endColumn" : 20 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1072, + "endLine" : 1072, + "code" : "username == \"User\" and password == \"P@$$w0rd\"", + "beginColumn" : 43, + "endColumn" : 50 + }, + "variableName" : "password" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-208" ], + "tags" : [ "CWE:208", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "wI1XJslXTf/9ujZaymu8MQ", + "cwe" : 208, + "issueId" : "SAS.information_leak.python.observable_timing_discrepancy.introduction/views.py.1072", + "explanation" 
: "When passwords or secrets are compared in plaintext form, there is a risk that an attacker could deduce their value by monitoring the timing of these comparisons" + }, { + "detector" : "python.no_use_eval", + "kind" : "risky_values", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 460, + "endLine" : 460, + "code" : "eval(val)", + "beginColumn" : 26, + "endColumn" : 34 + }, + "language" : "python", + "container" : "def cmd_lab2(request)", + "confidence" : "high", + "cwes" : [ "CWE-95" ], + "tags" : [ "CWE:95", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "/7EZSG7yeOxiCC6JhPnM6g", + "cwe" : 95, + "issueId" : "SAS.risky_values.python.no_use_eval.introduction/views.py.460", + "explanation" : "Do not use eval()" + }, { + "detector" : "python.external_request_dos", + "kind" : "resource_management", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 963, + "endLine" : 963, + "code" : "requests.get(url)", + "beginColumn" : 24, + "endColumn" : 40 + }, + "language" : "python", + "container" : "django.http.HttpResponse def ssrf_lab2(request)", + "confidence" : "high", + "cwes" : [ "CWE-1088" ], + "tags" : [ "CWE:1088", "in-app-code", "in-repo", "NIST.SP.800-53" ], + "uniqueHash" : "Doy6OAVGxL+Lks+o6Ev1NA", + "cwe" : 1088, + "issueId" : "SAS.resource_management.python.external_request_dos.introduction/views.py.963", + "explanation" : "External request performed without a timeout" + }, { + "detector" : "python.user_controlled_primary_key", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1183, + "endLine" : 1183, + "code" : "AF_session_id.objects.get(session_id=cookie)", + "beginColumn" : 23, + "endColumn" : 66 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + 
"beginLine" : 1182, + "endLine" : 1182, + "code" : "cookie = request.COOKIES[\"session_id\"]", + "beginColumn" : 13, + "endColumn" : 18 + }, + "container" : "django.http.HttpResponse def auth_failure_lab3(request)", + "injectionPoint" : "cookie", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1183, + "endLine" : 1183, + "code" : "AF_session_id.objects.get(session_id=cookie)", + "beginColumn" : 60, + "endColumn" : 65 + }, + "container" : "django.http.HttpResponse def auth_failure_lab3(request)", + "category" : "primary_controlled_key" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1182, + "endLine" : 1182, + "code" : "cookie = request.COOKIES[\"session_id\"]", + "beginColumn" : 13, + "endColumn" : 18 + }, + "variableName" : "cookie" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1183, + "endLine" : 1183, + "code" : "AF_session_id.objects.get(session_id=cookie)", + "beginColumn" : 60, + "endColumn" : 65 + }, + "variableName" : "cookie" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-566" ], + "tags" : [ "CWE:566", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.6" ], + "uniqueHash" : "G9b4HicUSgoF0WFympCqpA", + "cwe" : 566, + "issueId" : "SAS.misconfiguration.python.user_controlled_primary_key.introduction/views.py.1183", + "explanation" : "Authorization bypass through user-controlled SQL primary key" + }, { + "detector" : "python.path_traversal", + "kind" : "path_resolution", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 927, + "endLine" : 927, + "code" : "open(filename,\"r\")", + "beginColumn" : 24, + "endColumn" : 41 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 923, + 
"endLine" : 923, + "code" : "file=request.POST[\"blog\"]", + "beginColumn" : 13, + "endColumn" : 16 + }, + "container" : "def ssrf_lab(request)", + "injectionPoint" : "file", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 927, + "endLine" : 927, + "code" : "open(filename,\"r\")", + "beginColumn" : 24, + "endColumn" : 27 + }, + "container" : "def ssrf_lab(request)", + "category" : "path_traversal" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 923, + "endLine" : 923, + "code" : "file=request.POST[\"blog\"]", + "beginColumn" : 13, + "endColumn" : 16 + }, + "variableName" : "file" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 926, + "endLine" : 926, + "code" : "os.path.join(dirname, file)", + "beginColumn" : 50, + "endColumn" : 53 + }, + "variableName" : "file" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 927, + "endLine" : 927, + "code" : "open(filename,\"r\")", + "beginColumn" : 29, + "endColumn" : 36 + }, + "variableName" : "filename" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-22" ], + "tags" : [ "CWE:22", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "OWASP:2021:A5", "PCI-DSS:6.5.8", "python3" ], + "uniqueHash" : "Gv4Xc5X5ANwOb5Kd4D/cdQ", + "cwe" : 22, + "issueId" : "SAS.path_resolution.python.path_traversal.introduction/views.py.927", + "explanation" : "Improper limitation of a pathname to a restricted directory" + }, { + "detector" : "python.http_parameter_pollution", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 963, + "endLine" : 963, + "code" : "requests.get(url)", + "beginColumn" : 24, + "endColumn" : 40 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + 
"location" : { + "filepath" : "introduction/views.py", + "beginLine" : 961, + "endLine" : 961, + "code" : "url = request.POST[\"url\"]", + "beginColumn" : 9, + "endColumn" : 11 + }, + "container" : "django.http.HttpResponse def ssrf_lab2(request)", + "injectionPoint" : "url", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 963, + "endLine" : 963, + "code" : "requests.get(url)", + "beginColumn" : 33, + "endColumn" : 35 + }, + "container" : "django.http.HttpResponse def ssrf_lab2(request)", + "category" : "http_parameter_pollution" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 961, + "endLine" : 961, + "code" : "url = request.POST[\"url\"]", + "beginColumn" : 9, + "endColumn" : 11 + }, + "variableName" : "url" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 963, + "endLine" : 963, + "code" : "requests.get(url)", + "beginColumn" : 37, + "endColumn" : 39 + }, + "variableName" : "url" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-235" ], + "tags" : [ "CWE:235", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "dFbLQ4/heSgBIjagAL8g9w", + "cwe" : 235, + "issueId" : "SAS.injection.python.http_parameter_pollution.introduction/views.py.963", + "explanation" : "Improper neutralization of special elements into path, query string, or parameters of HTTP requests" + }, { + "detector" : "python.server_side_request_forgery", + "kind" : "channel", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 963, + "endLine" : 963, + "code" : "requests.get(url)", + "beginColumn" : 24, + "endColumn" : 40 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 961, + "endLine" : 
961, + "code" : "url = request.POST[\"url\"]", + "beginColumn" : 9, + "endColumn" : 11 + }, + "container" : "django.http.HttpResponse def ssrf_lab2(request)", + "injectionPoint" : "url", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 963, + "endLine" : 963, + "code" : "requests.get(url)", + "beginColumn" : 33, + "endColumn" : 35 + }, + "container" : "django.http.HttpResponse def ssrf_lab2(request)", + "category" : "ssrf" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 961, + "endLine" : 961, + "code" : "url = request.POST[\"url\"]", + "beginColumn" : 9, + "endColumn" : 11 + }, + "variableName" : "url" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 963, + "endLine" : 963, + "code" : "requests.get(url)", + "beginColumn" : 37, + "endColumn" : 39 + }, + "variableName" : "url" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-918" ], + "tags" : [ "CWE:918", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A10", "PCI-DSS:6.5.8" ], + "uniqueHash" : "H+LlJXQaX6Ut4GceeSrsIg", + "cwe" : 918, + "issueId" : "SAS.channel.python.server_side_request_forgery.introduction/views.py.963", + "explanation" : "Improper validation of external input used to retrieve the content of an URL ('SSRF')" + }, { + "detector" : "python.sql_injection", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 162, + "endLine" : 162, + "code" : "login.objects.raw(sql_query)", + "beginColumn" : 25, + "endColumn" : 52 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 152, + "endLine" : 152, + "code" : "password=request.POST.get('pass')", + "beginColumn" : 9, + "endColumn" : 16 + }, + "container" : "def 
sql_lab(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 162, + "endLine" : 162, + "code" : "login.objects.raw(sql_query)", + "beginColumn" : 39, + "endColumn" : 41 + }, + "container" : "def sql_lab(request)", + "category" : "sql_injection" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 152, + "endLine" : 152, + "code" : "password=request.POST.get('pass')", + "beginColumn" : 9, + "endColumn" : 16 + }, + "variableName" : "password" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 158, + "endLine" : 158, + "code" : "sql_query = \"SELECT * FROM introduction_login WHERE user='\"+name+\"' AND password='\"+password+\"'\"", + "beginColumn" : 101, + "endColumn" : 108 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 162, + "endLine" : 162, + "code" : "login.objects.raw(sql_query)", + "beginColumn" : 43, + "endColumn" : 51 + }, + "variableName" : "sql_query" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-89" ], + "tags" : [ "CWE:89", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "XefJ2wevgG8Vd7/Yf9+j/Q", + "cwe" : 89, + "issueId" : "SAS.injection.python.sql_injection.introduction/views.py.162", + "explanation" : "Improper neutralization of special elements in SQL Commands ('SQL Injection' aka 'SQLi')" + }, { + "detector" : "python.sql_injection", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 878, + "endLine" : 878, + "code" : "sql_lab_table.objects.raw(sql_query)", + "beginColumn" : 24, + "endColumn" : 59 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { 
+ "filepath" : "introduction/views.py", + "beginLine" : 859, + "endLine" : 859, + "code" : "password=request.POST.get('pass')", + "beginColumn" : 9, + "endColumn" : 16 + }, + "container" : "def injection_sql_lab(request)", + "injectionPoint" : "password", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 878, + "endLine" : 878, + "code" : "sql_lab_table.objects.raw(sql_query)", + "beginColumn" : 46, + "endColumn" : 48 + }, + "container" : "def injection_sql_lab(request)", + "category" : "sql_injection" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 859, + "endLine" : 859, + "code" : "password=request.POST.get('pass')", + "beginColumn" : 9, + "endColumn" : 16 + }, + "variableName" : "password" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 864, + "endLine" : 864, + "code" : "sql_query = \"SELECT * FROM introduction_sql_lab_table WHERE id='\"+name+\"'AND password='\"+password+\"'\"", + "beginColumn" : 102, + "endColumn" : 109 + }, + "variableName" : "password" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 878, + "endLine" : 878, + "code" : "sql_lab_table.objects.raw(sql_query)", + "beginColumn" : 50, + "endColumn" : 58 + }, + "variableName" : "sql_query" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-89" ], + "tags" : [ "CWE:89", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "oG4+RDUocpVU6QQD5x5lJg", + "cwe" : 89, + "issueId" : "SAS.injection.python.sql_injection.introduction/views.py.878", + "explanation" : "Improper neutralization of special elements in SQL Commands ('SQL Injection' aka 'SQLi')" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + 
"beginLine" : 291, + "endLine" : 291, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 17, + "endColumn" : 104 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 286, + "endLine" : 286, + "code" : "passwd = request.POST['pass']", + "beginColumn" : 13, + "endColumn" : 18 + }, + "container" : "django.http.HttpResponse def auth_lab_signup(request)", + "injectionPoint" : "passwd", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 26, + "endColumn" : 35 + }, + "container" : "django.http.HttpResponse def auth_lab_signup(request)", + "category" : "header_manipulation" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 286, + "endLine" : 286, + "code" : "passwd = request.POST['pass']", + "beginColumn" : 13, + "endColumn" : 18 + }, + "variableName" : "passwd" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 287, + "endLine" : 287, + "code" : "authLogin.objects.create(name=name,username=user_name,password=passwd)", + "beginColumn" : 82, + "endColumn" : 87 + }, + "variableName" : "passwd" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 47, + "endColumn" : 49 + }, + "variableName" : "obj" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], + "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + 
"uniqueHash" : "w8CkPp2oCaXTuv67bkA3Zg", + "cwe" : 113, + "issueId" : "SAS.injection.python.http_splitting.introduction/views.py.291", + "explanation" : "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 305, + "endLine" : 305, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 13, + "endColumn" : 100 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 302, + "endLine" : 302, + "code" : "authLogin.objects.filter(userid=request.COOKIES['userid'])[0]", + "beginColumn" : 59, + "endColumn" : 65 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "injectionPoint" : "obj", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 305, + "endLine" : 305, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "category" : "header_manipulation" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], + "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "w8CkPp2oCaXTuv67bkA3Zg", + "cwe" : 113, + "issueId" : "SAS.injection.python.http_splitting.introduction/views.py.305", + "explanation" : "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 
319, + "endLine" : 319, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 17, + "endColumn" : 104 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 313, + "endLine" : 313, + "code" : "passwd = request.POST['pass']", + "beginColumn" : 13, + "endColumn" : 18 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "injectionPoint" : "passwd", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 26, + "endColumn" : 35 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "category" : "header_manipulation" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 313, + "endLine" : 313, + "code" : "passwd = request.POST['pass']", + "beginColumn" : 13, + "endColumn" : 18 + }, + "variableName" : "passwd" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 315, + "endLine" : 315, + "code" : "authLogin.objects.filter(username=user_name,password=passwd)[0]", + "beginColumn" : 72, + "endColumn" : 77 + }, + "variableName" : "passwd" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 47, + "endColumn" : 49 + }, + "variableName" : "obj" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], + "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : 
"w8CkPp2oCaXTuv67bkA3Zg", + "cwe" : 113, + "issueId" : "SAS.injection.python.http_splitting.introduction/views.py.319", + "explanation" : "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 17, + "endColumn" : 47 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 495, + "endLine" : 495, + "code" : "email=request.GET.get('email')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "container" : "django.http.HttpResponse def Otp(request)", + "injectionPoint" : "email", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "django.http.HttpResponse def Otp(request)", + "category" : "header_manipulation" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 495, + "endLine" : 495, + "code" : "email=request.GET.get('email')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "variableName" : "email" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 42, + "endColumn" : 46 + }, + "variableName" : "email" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], + "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "GvFbmMP/oWwg8b/e2ZlfEA", + "cwe" : 113, + "issueId" : 
"SAS.injection.python.http_splitting.introduction/views.py.501", + "explanation" : "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 17, + "endColumn" : 46 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 495, + "endLine" : 495, + "code" : "email=request.GET.get('email')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "container" : "django.http.HttpResponse def Otp(request)", + "injectionPoint" : "email", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "django.http.HttpResponse def Otp(request)", + "category" : "header_manipulation" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 495, + "endLine" : 495, + "code" : "email=request.GET.get('email')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "variableName" : "email" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 41, + "endColumn" : 45 + }, + "variableName" : "email" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], + "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "p5nOeZlhQ7TwqulRu8g0bg", + "cwe" : 113, + "issueId" : "SAS.injection.python.http_splitting.introduction/views.py.507", + "explanation" 
: "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "python.http_splitting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 21, + "endColumn" : 57 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1069, + "endLine" : 1069, + "code" : "username = request.POST[\"username\"]", + "beginColumn" : 13, + "endColumn" : 20 + }, + "container" : "django.http.HttpResponse def crypto_failure_lab3(request)", + "injectionPoint" : "username", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 30, + "endColumn" : 39 + }, + "container" : "django.http.HttpResponse def crypto_failure_lab3(request)", + "category" : "header_manipulation" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1069, + "endLine" : 1069, + "code" : "username = request.POST[\"username\"]", + "beginColumn" : 13, + "endColumn" : 20 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1074, + "endLine" : 1074, + "code" : "cookie = f\"{username}|{expire}\"", + "beginColumn" : 33, + "endColumn" : 40 + }, + "variableName" : "username" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 51, + "endColumn" : 56 + }, + "variableName" : "cookie" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-113" ], 
+ "tags" : [ "CWE:113", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.1" ], + "uniqueHash" : "M27dCaoHqS6JLS6xF4elcQ", + "cwe" : 113, + "issueId" : "SAS.injection.python.http_splitting.introduction/views.py.1076", + "explanation" : "Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting')" + }, { + "detector" : "python.cross_site_scripting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 290, + "endLine" : 290, + "code" : "HttpResponse(rendered)", + "beginColumn" : 28, + "endColumn" : 49 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 287, + "endLine" : 287, + "code" : "obj = authLogin.objects.create(name=name,username=user_name,password=passwd)", + "beginColumn" : 13, + "endColumn" : 15 + }, + "container" : "django.http.HttpResponse def auth_lab_signup(request)", + "injectionPoint" : "obj", + "category" : "database_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 290, + "endLine" : 290, + "code" : "HttpResponse(rendered)", + "beginColumn" : 28, + "endColumn" : 39 + }, + "container" : "django.http.HttpResponse def auth_lab_signup(request)", + "category" : "xss" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 287, + "endLine" : 287, + "code" : "obj = authLogin.objects.create(name=name,username=user_name,password=passwd)", + "beginColumn" : 13, + "endColumn" : 15 + }, + "variableName" : "obj" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 289, + "endLine" : 289, + "code" : "render_to_string('Lab/AUTH/auth_success.html', {'username': obj.username,'userid':obj.userid,'name':obj.name,'err_msg':'Cookie Set'})", + "beginColumn" : 88, + 
"endColumn" : 90 + }, + "variableName" : "obj" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 290, + "endLine" : 290, + "code" : "HttpResponse(rendered)", + "beginColumn" : 41, + "endColumn" : 48 + }, + "variableName" : "rendered" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.7" ], + "uniqueHash" : "qovxUdMx1+UqG9rHynHNZA", + "cwe" : 79, + "issueId" : "SAS.injection.python.cross_site_scripting.introduction/views.py.290", + "explanation" : "Unsanitized input of kind: 'database_input' used to render HTML may result into a Stored XSS" + }, { + "detector" : "python.cross_site_scripting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 304, + "endLine" : 304, + "code" : "HttpResponse(rendered)", + "beginColumn" : 24, + "endColumn" : 45 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 302, + "endLine" : 302, + "code" : "obj = authLogin.objects.filter(userid=request.COOKIES['userid'])[0]", + "beginColumn" : 13, + "endColumn" : 15 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "injectionPoint" : "obj", + "category" : "database_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 304, + "endLine" : 304, + "code" : "HttpResponse(rendered)", + "beginColumn" : 24, + "endColumn" : 35 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "category" : "xss" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 302, + "endLine" : 302, + "code" : "obj = authLogin.objects.filter(userid=request.COOKIES['userid'])[0]", + "beginColumn" : 13, + "endColumn" : 15 + }, 
+ "variableName" : "obj" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 303, + "endLine" : 303, + "code" : "render_to_string('Lab/AUTH/auth_success.html', {'username': obj.username,'userid':obj.userid,'name':obj.name, 'err_msg':'Login Successful'})", + "beginColumn" : 84, + "endColumn" : 86 + }, + "variableName" : "obj" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 304, + "endLine" : 304, + "code" : "HttpResponse(rendered)", + "beginColumn" : 37, + "endColumn" : 44 + }, + "variableName" : "rendered" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.7" ], + "uniqueHash" : "qovxUdMx1+UqG9rHynHNZA", + "cwe" : 79, + "issueId" : "SAS.injection.python.cross_site_scripting.introduction/views.py.304", + "explanation" : "Unsanitized input of kind: 'database_input' used to render HTML may result into a Stored XSS" + }, { + "detector" : "python.cross_site_scripting", + "kind" : "injection", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 318, + "endLine" : 318, + "code" : "HttpResponse(rendered)", + "beginColumn" : 28, + "endColumn" : 49 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 315, + "endLine" : 315, + "code" : "obj = authLogin.objects.filter(username=user_name,password=passwd)[0]", + "beginColumn" : 13, + "endColumn" : 15 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "injectionPoint" : "obj", + "category" : "database_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 318, + "endLine" : 318, + "code" : "HttpResponse(rendered)", + "beginColumn" : 28, + "endColumn" : 39 + }, + "container" : 
"django.http.HttpResponse def auth_lab_login(request)", + "category" : "xss" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 315, + "endLine" : 315, + "code" : "obj = authLogin.objects.filter(username=user_name,password=passwd)[0]", + "beginColumn" : 13, + "endColumn" : 15 + }, + "variableName" : "obj" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 317, + "endLine" : 317, + "code" : "render_to_string('Lab/AUTH/auth_success.html', {'username': obj.username,'userid':obj.userid,'name':obj.name, 'err_msg':'Login Successful'})", + "beginColumn" : 88, + "endColumn" : 90 + }, + "variableName" : "obj" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 318, + "endLine" : 318, + "code" : "HttpResponse(rendered)", + "beginColumn" : 41, + "endColumn" : 48 + }, + "variableName" : "rendered" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-79" ], + "tags" : [ "CWE:79", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A3", "PCI-DSS:6.5.7" ], + "uniqueHash" : "qovxUdMx1+UqG9rHynHNZA", + "cwe" : 79, + "issueId" : "SAS.injection.python.cross_site_scripting.introduction/views.py.318", + "explanation" : "Unsanitized input of kind: 'database_input' used to render HTML may result into a Stored XSS" + }, { + "detector" : "python.weak_password_hash", + "kind" : "cryptography", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1194, + "endLine" : 1194, + "code" : "hashlib.sha256(password.encode()).hexdigest()", + "beginColumn" : 24, + "endColumn" : 68 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-916" ], + "tags" : [ "CCN-AGREED/PasswordMechanisms", "CWE:916", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "PCI-DSS:6.5.3" ], + "uniqueHash" : "eXqqeMhKyryFWI+WnH4UyQ", + "cwe" : 916, + "issueId" : 
"SAS.cryptography.python.weak_password_hash.introduction/views.py.1194", + "explanation" : "Use of Password Hash With Insufficient Computational Effort" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 239, + "endLine" : 254, + "code" : "@csrf_exempt\ndef xxe_see(request):\n if request.user.is_authenticated:\n # Get first comment or create a default one if none exist\n comment_obj = comments.objects.first()\n if comment_obj is None:\n comment_obj = comments.objects.create(\n name='System',\n comment='Default comment for XXE l", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "gWMSO5LPtfXiuLGmPWxe2Q", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.239", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 255, + "endLine" : 271, + "code" : "@csrf_exempt\ndef xxe_parse(request):\n\n parser = make_parser()\n parser.setFeature(feature_external_ges, True)\n doc = parseString(request.body.decode('utf-8'), parser=parser)\n for event, node in doc:\n if event == START_ELEMENT and node.tagName == 'text':\n doc.expandNode(node)\n text = node.toxml()\n startInd ", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "b8m/nxxZywdOynikkAho9Q", + "cwe" : 352, + "issueId" : 
"SAS.authentication.python.cross_site_request_forgery.introduction/views.py.255", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 335, + "endLine" : 340, + "code" : "@csrf_exempt\ndef ba(request):\n if request.user.is_authenticated:\n return render(request,\"Lab/BrokenAccess/ba.html\")\n else:\n return redirect('login')\n", + "beginColumn" : 1, + "endColumn" : 33 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "Qadc/fsVzlpSBgszExPWxw", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.335", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 341, + "endLine" : 385, + "code" : "@csrf_exempt\ndef ba_lab(request):\n if request.user.is_authenticated:\n name = request.POST.get('name')\n password = request.POST.get('pass')\n if name:\n if request.COOKIES.get('admin') == \"1\":\n return render(\n request, \n 'Lab/BrokenAccess/ba_lab.html', \n ", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "4pkljFJ8S6xndRp3IFt9qA", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.341", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : 
"authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 414, + "endLine" : 451, + "code" : "@csrf_exempt\ndef cmd_lab(request):\n if request.user.is_authenticated:\n if(request.method==\"POST\"):\n domain=request.POST.get('domain')\n # Remove all common protocols (case-insensitive) and www prefix\n domain = re.sub(r'^(?:(https?|ftp)://)?(?:www\\.)?', '', domain, flags=re.IGNORECASE)\n os=request", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "vAGw4eJGHRczDjaTTQmRXA", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.414", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 452, + "endLine" : 472, + "code" : "@csrf_exempt\ndef cmd_lab2(request):\n if request.user.is_authenticated:\n if (request.method==\"POST\"):\n val=request.POST.get('val')\n \n print(val)\n try:\n output = eval(val)\n except:\n output = \"Something went wrong\"\n return render(request,'Lab/", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "Hjiu1p+xt1eMR29d+GzSZg", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.452", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : 
"introduction/views.py", + "beginLine" : 492, + "endLine" : 522, + "code" : "@csrf_exempt\ndef Otp(request):\n if request.method==\"GET\":\n email=request.GET.get('email')\n otpN=randint(100,999)\n if email and otpN:\n if email==\"admin@pygoat.com\":\n otp.objects.filter(id=2).update(otp=otpN)\n html = render(request, \"Lab/BrokenAuth/otp.html\", {\"otp\":\"Sent To Admin Mail ", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "4maoSGHz9qs5zhEejLVYaw", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.492", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 550, + "endLine" : 569, + "code" : "@csrf_exempt\ndef a9_lab(request):\n if request.user.is_authenticated:\n if request.method==\"GET\":\n return render(request,\"Lab/A9/a9_lab.html\")\n else:\n\n try :\n file=request.FILES[\"file\"]\n try :\n data = yaml.load(file,yaml.Loader)\n \n ", + "beginColumn" : 1, + "endColumn" : 33 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "SKYdY6B59x3H9ggT5Dk+zQ", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.550", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 573, + "endLine" : 607, + "code" : "@csrf_exempt\ndef 
a9_lab2(request):\n if not request.user.is_authenticated:\n return redirect('login')\n \n if request.method == \"GET\":\n return render (request,\"Lab/A9/a9_lab2.html\")\n elif request.method == \"POST\":\n try :\n file=request.FILES[\"file\"]\n function_str = request.POST.get(\"function\")\n ", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "xKQyclTVch88BdOV7ZRB7w", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.573", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 738, + "endLine" : 745, + "code" : "@csrf_exempt\ndef a1_broken_access(request):\n if not request.user.is_authenticated:\n return redirect('login')\n \n return render(request,\"Lab_2021/A1_BrokenAccessControl/broken_access.html\")\n\n\n", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "czyMalIn7qW1gmHw5gElSA", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.738", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 746, + "endLine" : 781, + "code" : "@csrf_exempt\ndef a1_broken_access_lab_1(request):\n if request.user.is_authenticated:\n pass\n else:\n return redirect('login')\n \n name = 
request.POST.get('name')\n password = request.POST.get('pass')\n print(password)\n print(name)\n if name:\n if request.COOKIES.get('admin') == \"1\":\n return render(\n ", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "I9ZseLlS77bJgbJIyXg2OA", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.746", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 782, + "endLine" : 821, + "code" : "@csrf_exempt\ndef a1_broken_access_lab_2(request):\n if request.user.is_authenticated:\n pass\n else:\n return redirect('login')\n \n name = request.POST.get('name')\n password = request.POST.get('pass')\n user_agent = request.META['HTTP_USER_AGENT']\n\n # print(name)\n # print(password)\n print(user_agent)\n if name :", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "2fgl+w2+wcrdMFrjgG20Ig", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.782", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 846, + "endLine" : 853, + "code" : "@csrf_exempt\ndef injection(request):\n if not request.user.is_authenticated:\n return redirect('login')\n \n return 
render(request,\"Lab_2021/A3_Injection/injection.html\")\n\n\n", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "yCPkx+pdqya/GcF3JWS41A", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.846", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 854, + "endLine" : 911, + "code" : "@csrf_exempt\ndef injection_sql_lab(request):\n if request.user.is_authenticated:\n\n name=request.POST.get('name')\n password=request.POST.get('pass')\n print(name)\n print(password)\n\n if name:\n sql_query = \"SELECT * FROM introduction_sql_lab_table WHERE id='\"+name+\"'AND password='\"+password+\"'\"\n\n ", + "beginColumn" : 1, + "endColumn" : 1 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "EBR8opMmULHgHNzbhAezKQ", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.854", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1177, + "endLine" : 1207, + "code" : "@authentication_decorator\n@csrf_exempt\ndef auth_failure_lab3(request):\n if request.method == \"GET\":\n try:\n cookie = request.COOKIES[\"session_id\"]\n session = AF_session_id.objects.get(session_id=cookie)\n if session :\n return 
render(request,\"Lab_2021/A7_auth_failure/lab3.html\", {\"username\":ses", + "beginColumn" : 1, + "endColumn" : 31 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "fZ68qo7IajDwQUWBKZsrFg", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.introduction/views.py.1177", + "explanation" : "Django CSRF protection has been explicitly disabled" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 211, + "endLine" : 211, + "code" : "response.set_cookie(key='token',value=token.decode('utf-8'))", + "beginColumn" : 13, + "endColumn" : 72 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "yvR9hCQ/7iF7z9zi1uXXnQ", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.211", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 211, + "endLine" : 211, + "code" : "response.set_cookie(key='token',value=token.decode('utf-8'))", + "beginColumn" : 13, + "endColumn" : 72 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "jcn6KrLh3DKavlKQ6vxPQw", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.211", + "explanation" : "HttpOnly not enforced" 
+ }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 211, + "endLine" : 211, + "code" : "response.set_cookie(key='token',value=token.decode('utf-8'))", + "beginColumn" : 13, + "endColumn" : 72 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "Yo8vdVfv1T/xizCDW4r8sw", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.211", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "max_age=31449600", + "beginColumn" : 59, + "endColumn" : 74 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-539" ], + "properties" : { + "unique.hash.prop" : "persistence" + }, + "tags" : [ "CWE:539", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "6f5bss81mrkezqyUMsoezA", + "cwe" : 539, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.persistence.introduction/views.py.291", + "explanation" : "Persistent cookie: '31,449,600'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 17, + "endColumn" : 104 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", 
"PCI-DSS:6.5.10" ], + "uniqueHash" : "4G1z0YTASsMxIQhnZDwjMg", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.291", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 17, + "endColumn" : 104 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "9NotoWiS9BD2dRCzHOsaUQ", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.291", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "secure=False", + "beginColumn" : 92, + "endColumn" : 103 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "Oslr+WdNGfBjb3vBhe+qmQ", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.291", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 305, + "endLine" : 305, + "code" : "max_age=31449600", + "beginColumn" : 55, + "endColumn" : 70 + }, + "language" : "python", + "confidence" : "high", + 
"cwes" : [ "CWE-539" ], + "properties" : { + "unique.hash.prop" : "persistence" + }, + "tags" : [ "CWE:539", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "6f5bss81mrkezqyUMsoezA", + "cwe" : 539, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.persistence.introduction/views.py.305", + "explanation" : "Persistent cookie: '31,449,600'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 305, + "endLine" : 305, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 13, + "endColumn" : 100 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "4G1z0YTASsMxIQhnZDwjMg", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.305", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 305, + "endLine" : 305, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 13, + "endColumn" : 100 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "9NotoWiS9BD2dRCzHOsaUQ", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.305", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + 
"severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 305, + "endLine" : 305, + "code" : "secure=False", + "beginColumn" : 88, + "endColumn" : 99 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "Oslr+WdNGfBjb3vBhe+qmQ", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.305", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "max_age=31449600", + "beginColumn" : 59, + "endColumn" : 74 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-539" ], + "properties" : { + "unique.hash.prop" : "persistence" + }, + "tags" : [ "CWE:539", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "6f5bss81mrkezqyUMsoezA", + "cwe" : 539, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.persistence.introduction/views.py.319", + "explanation" : "Persistent cookie: '31,449,600'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 17, + "endColumn" : 104 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "4G1z0YTASsMxIQhnZDwjMg", + "cwe" : 315, + "issueId" : 
"SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.319", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 17, + "endColumn" : 104 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "9NotoWiS9BD2dRCzHOsaUQ", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.319", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "secure=False", + "beginColumn" : 92, + "endColumn" : 103 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "Oslr+WdNGfBjb3vBhe+qmQ", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.319", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 363, + "endLine" : 363, + "code" : "max_age=200", + "beginColumn" : 46, + "endColumn" : 56 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-539" ], + "properties" : { + "unique.hash.prop" : "persistence" + }, + "tags" : 
[ "CWE:539", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "b80viPDCPK19k75ciSsXdg", + "cwe" : 539, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.persistence.introduction/views.py.363", + "explanation" : "Persistent cookie: '200'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 363, + "endLine" : 363, + "code" : "html.set_cookie(\"admin\", \"1\",max_age=200)", + "beginColumn" : 17, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "t7zbKWXpfyV0lWNU0CvZ+g", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.363", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 363, + "endLine" : 363, + "code" : "html.set_cookie(\"admin\", \"1\",max_age=200)", + "beginColumn" : 17, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "vECj6kLti1Y6h/3IzCWjlQ", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.363", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 363, + "endLine" : 363, + "code" : "html.set_cookie(\"admin\", \"1\",max_age=200)", + "beginColumn" : 17, 
+ "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "OJEg7uLtXwrkZ1N/5nLsyQ", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.363", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 373, + "endLine" : 373, + "code" : "max_age=200", + "beginColumn" : 46, + "endColumn" : 56 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-539" ], + "properties" : { + "unique.hash.prop" : "persistence" + }, + "tags" : [ "CWE:539", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "b80viPDCPK19k75ciSsXdg", + "cwe" : 539, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.persistence.introduction/views.py.373", + "explanation" : "Persistent cookie: '200'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 373, + "endLine" : 373, + "code" : "html.set_cookie(\"admin\", \"0\",max_age=200)", + "beginColumn" : 17, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "rod4Yiu/2XzrxXiIZtsX3g", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.373", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : 
"introduction/views.py", + "beginLine" : 373, + "endLine" : 373, + "code" : "html.set_cookie(\"admin\", \"0\",max_age=200)", + "beginColumn" : 17, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "Zr3dOUUmS0yQ5PlGMPBmUg", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.373", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 373, + "endLine" : 373, + "code" : "html.set_cookie(\"admin\", \"0\",max_age=200)", + "beginColumn" : 17, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "bfo6CBfW2w4yl3O1C43sBg", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.373", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 17, + "endColumn" : 47 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "0y0AN8PZqrIRetxNkfiQSw", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.501", + "explanation" : "Cookie path 
is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 17, + "endColumn" : 47 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "D8s6xVCwX4+UQ+/Mw2ABcw", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.501", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 17, + "endColumn" : 47 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "tlu7VoUPEW+uAYMypk0xWA", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.501", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 17, + "endColumn" : 46 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "omY90JuYZEWkdJEo454Q+w", + "cwe" : 
315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.507", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 17, + "endColumn" : 46 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "oB/WiVVLizGhp5Q1i3eK+g", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.507", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 17, + "endColumn" : 46 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "cjG5gLzzOktLJeOpsrratg", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.507", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 774, + "endLine" : 774, + "code" : "max_age=200", + "beginColumn" : 42, + "endColumn" : 52 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-539" ], + "properties" : { + "unique.hash.prop" : "persistence" + }, + "tags" : [ "CWE:539", 
"in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "b80viPDCPK19k75ciSsXdg", + "cwe" : 539, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.persistence.introduction/views.py.774", + "explanation" : "Persistent cookie: '200'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 774, + "endLine" : 774, + "code" : "html.set_cookie(\"admin\", \"0\",max_age=200)", + "beginColumn" : 13, + "endColumn" : 53 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "rod4Yiu/2XzrxXiIZtsX3g", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.774", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 774, + "endLine" : 774, + "code" : "html.set_cookie(\"admin\", \"0\",max_age=200)", + "beginColumn" : 13, + "endColumn" : 53 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "Zr3dOUUmS0yQ5PlGMPBmUg", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.774", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 774, + "endLine" : 774, + "code" : "html.set_cookie(\"admin\", \"0\",max_age=200)", + "beginColumn" : 13, + "endColumn" 
: 53 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "bfo6CBfW2w4yl3O1C43sBg", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.774", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 21, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "bw09YoDuow5iaA9pI0G3Kw", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.1076", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 21, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "tra1Xqye91j57ZUiUSQdpw", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.1076", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : 
"introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 21, + "endColumn" : 57 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "XN/rLp47nSkXiVthE8/dxA", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.1076", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1081, + "endLine" : 1081, + "code" : "response.set_cookie(\"cookie\", None)", + "beginColumn" : 21, + "endColumn" : 55 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "jTSxVwzERTZXUketMKKuNw", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.1081", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1081, + "endLine" : 1081, + "code" : "response.set_cookie(\"cookie\", None)", + "beginColumn" : 21, + "endColumn" : 55 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "7Hw53cnXXgDTj9kz6X0xkg", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.1081", + "explanation" : 
"HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1081, + "endLine" : 1081, + "code" : "response.set_cookie(\"cookie\", None)", + "beginColumn" : 21, + "endColumn" : 55 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "sTvV9zJEGKGPPRJ6nWEEaQ", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.1081", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1109, + "endLine" : 1109, + "code" : "response.set_cookie(key = \"auth_cookie\", value = cookie)", + "beginColumn" : 9, + "endColumn" : 64 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "ywJR+5DmqQ/IJ+RqgxLsNQ", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.1109", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1109, + "endLine" : 1109, + "code" : "response.set_cookie(key = \"auth_cookie\", value = cookie)", + "beginColumn" : 9, + "endColumn" : 64 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", 
"PCI-DSS:6.5.10" ], + "uniqueHash" : "fpLnv5l0+9gaHbgUEhmksw", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.1109", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1109, + "endLine" : 1109, + "code" : "response.set_cookie(key = \"auth_cookie\", value = cookie)", + "beginColumn" : 9, + "endColumn" : 64 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "+lj5RdU3H4wnBsZlprQYZQ", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.1109", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1197, + "endLine" : 1197, + "code" : "response.set_cookie(\"session_id\", None)", + "beginColumn" : 13, + "endColumn" : 51 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "4cg//H/MOV172ptVu69Uhw", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.1197", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1197, + "endLine" : 1197, + "code" : "response.set_cookie(\"session_id\", None)", + "beginColumn" : 13, + "endColumn" : 51 + }, + "language" : "python", + 
"confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "AvmEks/zoIZsjvTeDP4W2Q", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.1197", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1197, + "endLine" : 1197, + "code" : "response.set_cookie(\"session_id\", None)", + "beginColumn" : 13, + "endColumn" : 51 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "iWWCaSU3Dp1jSkXEEyzvAw", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.1197", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1204, + "endLine" : 1204, + "code" : "response.set_cookie(\"session_id\", token)", + "beginColumn" : 13, + "endColumn" : 52 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "properties" : { + "unique.hash.prop" : "path" + }, + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "iqrZ3RZxPDYA4Tgwj9gzlg", + "cwe" : 315, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.path.introduction/views.py.1204", + "explanation" : "Cookie path is not allowed: '/'" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + 
"beginLine" : 1204, + "endLine" : 1204, + "code" : "response.set_cookie(\"session_id\", token)", + "beginColumn" : 13, + "endColumn" : 52 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-1004" ], + "properties" : { + "unique.hash.prop" : "httponly" + }, + "tags" : [ "CWE:1004", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "J7cGStn+euZ1RogSu0zg2g", + "cwe" : 1004, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.httponly.introduction/views.py.1204", + "explanation" : "HttpOnly not enforced" + }, { + "detector" : "python.unsafe_cookie", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1204, + "endLine" : 1204, + "code" : "response.set_cookie(\"session_id\", token)", + "beginColumn" : 13, + "endColumn" : 52 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-614" ], + "properties" : { + "unique.hash.prop" : "secure" + }, + "tags" : [ "CWE:614", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.10" ], + "uniqueHash" : "BuRyx6ei95JCapLK/Ksscg", + "cwe" : 614, + "issueId" : "SAS.misconfiguration.python.unsafe_cookie.secure.introduction/views.py.1204", + "explanation" : "Secure cookie not enforced" + }, { + "detector" : "python.weak_hash_algorithm", + "kind" : "cryptography", + "severity" : "critical", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1026, + "endLine" : 1026, + "code" : "md5(password.encode()).hexdigest()", + "beginColumn" : 28, + "endColumn" : 61 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-328" ], + "tags" : [ "CCN-AGREED/Hash", "crypto", "CWE:328", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A2", "PCI-DSS:3.6.1" ], + "uniqueHash" : "qPIxhinHCP8b5aEVgl1KZA", + "cwe" : 328, + "issueId" : "SAS.cryptography.python.weak_hash_algorithm.introduction/views.py.1026", + "explanation" : "Hash algorithm md5 should not be used" + 
}, { + "detector" : "python.plaintext_storage_in_cookie", + "kind" : "information_leak", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 17, + "endColumn" : 47 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4" ], + "uniqueHash" : "M7u4d5eLfD7ukqCCBeLc1g", + "cwe" : 315, + "issueId" : "SAS.information_leak.python.plaintext_storage_in_cookie.introduction/views.py.501", + "explanation" : "Cleartext storage of sensitive information in a cookie" + }, { + "detector" : "python.plaintext_storage_in_cookie", + "kind" : "information_leak", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 17, + "endColumn" : 46 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-315" ], + "tags" : [ "CWE:315", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4" ], + "uniqueHash" : "2IAsqTp9KfuZbNsUudLsSg", + "cwe" : 315, + "issueId" : "SAS.information_leak.python.plaintext_storage_in_cookie.introduction/views.py.507", + "explanation" : "Cleartext storage of sensitive information in a cookie" + }, { + "detector" : "python.log_forging", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 654, + "endLine" : 654, + "code" : "logging.info(f\"{now}:{ip}\")", + "beginColumn" : 9, + "endColumn" : 35 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 653, + "endLine" : 653, + "code" : "ip = request.META.get('REMOTE_ADDR')", + "beginColumn" : 13, + "endColumn" : 14 + }, + "container" : "django.http.HttpResponse def 
a10_lab2(request)", + "injectionPoint" : "ip", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 654, + "endLine" : 654, + "code" : "logging.info(f\"{now}:{ip}\")", + "beginColumn" : 17, + "endColumn" : 20 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "category" : "log_forging" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 653, + "endLine" : 653, + "code" : "ip = request.META.get('REMOTE_ADDR')", + "beginColumn" : 13, + "endColumn" : 14 + }, + "variableName" : "ip" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 654, + "endLine" : 654, + "code" : "logging.info(f\"{now}:{ip}\")", + "beginColumn" : 31, + "endColumn" : 32 + }, + "variableName" : "ip" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-117" ], + "tags" : [ "CWE:117", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A9", "PCI-DSS:10.5.2", "python3" ], + "uniqueHash" : "qid+Crp9Kv11uXnfOvvqHw", + "cwe" : 117, + "issueId" : "SAS.injection.python.log_forging.introduction/views.py.654", + "explanation" : "Improper neutralization of special elements within Logs ('Log Forging')" + }, { + "detector" : "python.log_forging", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 668, + "endLine" : 668, + "code" : "logging.warning(f\"{now}:{ip}:{user}\")", + "beginColumn" : 17, + "endColumn" : 53 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 664, + "endLine" : 664, + "code" : "ip = request.META.get('REMOTE_ADDR')", + "beginColumn" : 13, + "endColumn" : 14 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "injectionPoint" : "ip", + "category" : "external_input" + }, { + 
"kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 668, + "endLine" : 668, + "code" : "logging.warning(f\"{now}:{ip}:{user}\")", + "beginColumn" : 25, + "endColumn" : 31 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "category" : "log_forging" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 664, + "endLine" : 664, + "code" : "ip = request.META.get('REMOTE_ADDR')", + "beginColumn" : 13, + "endColumn" : 14 + }, + "variableName" : "ip" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 668, + "endLine" : 668, + "code" : "logging.warning(f\"{now}:{ip}:{user}\")", + "beginColumn" : 42, + "endColumn" : 43 + }, + "variableName" : "ip" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-117" ], + "tags" : [ "CWE:117", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A9", "PCI-DSS:10.5.2", "python3" ], + "uniqueHash" : "oQcLKMOwC+hFmPz3C7D4xg", + "cwe" : 117, + "issueId" : "SAS.injection.python.log_forging.introduction/views.py.668", + "explanation" : "Improper neutralization of special elements within Logs ('Log Forging')" + }, { + "detector" : "python.log_forging", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 669, + "endLine" : 669, + "code" : "logging.info(f\"{now}:{ip}:{user}\")", + "beginColumn" : 13, + "endColumn" : 46 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 664, + "endLine" : 664, + "code" : "ip = request.META.get('REMOTE_ADDR')", + "beginColumn" : 13, + "endColumn" : 14 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "injectionPoint" : "ip", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + 
"beginLine" : 669, + "endLine" : 669, + "code" : "logging.info(f\"{now}:{ip}:{user}\")", + "beginColumn" : 21, + "endColumn" : 24 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "category" : "log_forging" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 664, + "endLine" : 664, + "code" : "ip = request.META.get('REMOTE_ADDR')", + "beginColumn" : 13, + "endColumn" : 14 + }, + "variableName" : "ip" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 669, + "endLine" : 669, + "code" : "logging.info(f\"{now}:{ip}:{user}\")", + "beginColumn" : 35, + "endColumn" : 36 + }, + "variableName" : "ip" + } ] + }, { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 659, + "endLine" : 659, + "code" : "x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')", + "beginColumn" : 9, + "endColumn" : 23 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "injectionPoint" : "x_forwarded_for", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 669, + "endLine" : 669, + "code" : "logging.info(f\"{now}:{ip}:{user}\")", + "beginColumn" : 21, + "endColumn" : 24 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "category" : "log_forging" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 659, + "endLine" : 659, + "code" : "x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')", + "beginColumn" : 9, + "endColumn" : 23 + }, + "variableName" : "x_forwarded_for" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 662, + "endLine" : 662, + "code" : "x_forwarded_for.split(',')[0]", + "beginColumn" : 18, + "endColumn" : 32 + }, + "variableName" : 
"x_forwarded_for" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 669, + "endLine" : 669, + "code" : "logging.info(f\"{now}:{ip}:{user}\")", + "beginColumn" : 35, + "endColumn" : 36 + }, + "variableName" : "ip" + } ] + }, { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 657, + "endLine" : 657, + "code" : "user=request.POST.get(\"name\")", + "beginColumn" : 9, + "endColumn" : 12 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "injectionPoint" : "user", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 669, + "endLine" : 669, + "code" : "logging.info(f\"{now}:{ip}:{user}\")", + "beginColumn" : 21, + "endColumn" : 24 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "category" : "log_forging" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 657, + "endLine" : 657, + "code" : "user=request.POST.get(\"name\")", + "beginColumn" : 9, + "endColumn" : 12 + }, + "variableName" : "user" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 669, + "endLine" : 669, + "code" : "logging.info(f\"{now}:{ip}:{user}\")", + "beginColumn" : 40, + "endColumn" : 43 + }, + "variableName" : "user" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-117" ], + "tags" : [ "CWE:117", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A9", "PCI-DSS:10.5.2", "python3" ], + "uniqueHash" : "GZ4qhQhinTQvCaXrmIHWkw", + "cwe" : 117, + "issueId" : "SAS.injection.python.log_forging.introduction/views.py.669", + "explanation" : "Improper neutralization of special elements within Logs ('Log Forging')" + }, { + "detector" : "python.log_forging", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : 
"introduction/views.py", + "beginLine" : 672, + "endLine" : 672, + "code" : "logging.error(f\"{now}:{ip}:{user}\")", + "beginColumn" : 13, + "endColumn" : 47 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 664, + "endLine" : 664, + "code" : "ip = request.META.get('REMOTE_ADDR')", + "beginColumn" : 13, + "endColumn" : 14 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "injectionPoint" : "ip", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 672, + "endLine" : 672, + "code" : "logging.error(f\"{now}:{ip}:{user}\")", + "beginColumn" : 21, + "endColumn" : 25 + }, + "container" : "django.http.HttpResponse def a10_lab2(request)", + "category" : "log_forging" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 664, + "endLine" : 664, + "code" : "ip = request.META.get('REMOTE_ADDR')", + "beginColumn" : 13, + "endColumn" : 14 + }, + "variableName" : "ip" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 672, + "endLine" : 672, + "code" : "logging.error(f\"{now}:{ip}:{user}\")", + "beginColumn" : 36, + "endColumn" : 37 + }, + "variableName" : "ip" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-117" ], + "tags" : [ "CWE:117", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A9", "PCI-DSS:10.5.2", "python3" ], + "uniqueHash" : "QNWA/B9LpWIGnbMqG6RWWg", + "cwe" : 117, + "issueId" : "SAS.injection.python.log_forging.introduction/views.py.672", + "explanation" : "Improper neutralization of special elements within Logs ('Log Forging')" + }, { + "detector" : "python.information_exposure_through_error_message", + "kind" : "information_leak", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 
601, + "endLine" : 601, + "code" : "print(e)", + "beginColumn" : 17, + "endColumn" : 24 + }, + "language" : "python", + "container" : "def a9_lab2(request)", + "confidence" : "high", + "cwes" : [ "CWE-209" ], + "tags" : [ "CWE:209", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.5" ], + "uniqueHash" : "WzqtN4uNrRBMmOVPKLOSBA", + "cwe" : 209, + "issueId" : "SAS.information_leak.python.information_exposure_through_error_message.introduction/views.py.601", + "explanation" : "Generation of error message containing sensitive information" + }, { + "detector" : "python.information_exposure_through_error_message", + "kind" : "information_leak", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 604, + "endLine" : 604, + "code" : "print(e)", + "beginColumn" : 13, + "endColumn" : 20 + }, + "language" : "python", + "container" : "def a9_lab2(request)", + "confidence" : "high", + "cwes" : [ "CWE-209" ], + "tags" : [ "CWE:209", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.5" ], + "uniqueHash" : "WzqtN4uNrRBMmOVPKLOSBA", + "cwe" : 209, + "issueId" : "SAS.information_leak.python.information_exposure_through_error_message.introduction/views.py.604", + "explanation" : "Generation of error message containing sensitive information" + }, { + "detector" : "python.information_exposure_through_error_message", + "kind" : "information_leak", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1065, + "endLine" : 1065, + "code" : "print(e)", + "beginColumn" : 17, + "endColumn" : 24 + }, + "language" : "python", + "container" : "django.http.HttpResponse def crypto_failure_lab3(request)", + "confidence" : "high", + "cwes" : [ "CWE-209" ], + "tags" : [ "CWE:209", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.5" ], + "uniqueHash" : "WzqtN4uNrRBMmOVPKLOSBA", + "cwe" : 209, + "issueId" : 
"SAS.information_leak.python.information_exposure_through_error_message.introduction/views.py.1065", + "explanation" : "Generation of error message containing sensitive information" + }, { + "detector" : "python.information_exposure_through_error_message", + "kind" : "information_leak", + "severity" : "low", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1159, + "endLine" : 1159, + "code" : "print(e)", + "beginColumn" : 13, + "endColumn" : 20 + }, + "language" : "python", + "container" : "django.http.HttpResponse def auth_failure_lab2(request)", + "confidence" : "high", + "cwes" : [ "CWE-209" ], + "tags" : [ "CWE:209", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2021:A4", "PCI-DSS:6.5.5" ], + "uniqueHash" : "WzqtN4uNrRBMmOVPKLOSBA", + "cwe" : 209, + "issueId" : "SAS.information_leak.python.information_exposure_through_error_message.introduction/views.py.1159", + "explanation" : "Generation of error message containing sensitive information" + }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 17, + "endColumn" : 104 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 286, + "endLine" : 286, + "code" : "passwd = request.POST['pass']", + "beginColumn" : 13, + "endColumn" : 18 + }, + "container" : "django.http.HttpResponse def auth_lab_signup(request)", + "injectionPoint" : "passwd", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 26, + "endColumn" : 
35 + }, + "container" : "django.http.HttpResponse def auth_lab_signup(request)", + "category" : "cookie_poisoning" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 286, + "endLine" : 286, + "code" : "passwd = request.POST['pass']", + "beginColumn" : 13, + "endColumn" : 18 + }, + "variableName" : "passwd" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 287, + "endLine" : 287, + "code" : "authLogin.objects.create(name=name,username=user_name,password=passwd)", + "beginColumn" : 82, + "endColumn" : 87 + }, + "variableName" : "passwd" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 291, + "endLine" : 291, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 47, + "endColumn" : 49 + }, + "variableName" : "obj" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "C62Up0BI1fGKBrZQpmPiUA", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.introduction/views.py.291", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 305, + "endLine" : 305, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 13, + "endColumn" : 100 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 302, + "endLine" : 302, + "code" : "authLogin.objects.filter(userid=request.COOKIES['userid'])[0]", + "beginColumn" : 59, + "endColumn" : 65 + }, + 
"container" : "django.http.HttpResponse def auth_lab_login(request)", + "injectionPoint" : "obj", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 305, + "endLine" : 305, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "category" : "cookie_poisoning" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "C62Up0BI1fGKBrZQpmPiUA", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.introduction/views.py.305", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 17, + "endColumn" : 104 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 313, + "endLine" : 313, + "code" : "passwd = request.POST['pass']", + "beginColumn" : 13, + "endColumn" : 18 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + "injectionPoint" : "passwd", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 26, + "endColumn" : 35 + }, + "container" : "django.http.HttpResponse def auth_lab_login(request)", + 
"category" : "cookie_poisoning" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 313, + "endLine" : 313, + "code" : "passwd = request.POST['pass']", + "beginColumn" : 13, + "endColumn" : 18 + }, + "variableName" : "passwd" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 315, + "endLine" : 315, + "code" : "authLogin.objects.filter(username=user_name,password=passwd)[0]", + "beginColumn" : 72, + "endColumn" : 77 + }, + "variableName" : "passwd" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 319, + "endLine" : 319, + "code" : "response.set_cookie('userid', obj.userid, max_age=31449600, samesite=None, secure=False)", + "beginColumn" : 47, + "endColumn" : 49 + }, + "variableName" : "obj" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "C62Up0BI1fGKBrZQpmPiUA", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.introduction/views.py.319", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 17, + "endColumn" : 47 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 495, + "endLine" : 495, + "code" : "email=request.GET.get('email')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "container" : "django.http.HttpResponse def Otp(request)", + "injectionPoint" : "email", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" 
: "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "django.http.HttpResponse def Otp(request)", + "category" : "cookie_poisoning" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 495, + "endLine" : 495, + "code" : "email=request.GET.get('email')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "variableName" : "email" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 501, + "endLine" : 501, + "code" : "html.set_cookie(\"email\", email)", + "beginColumn" : 42, + "endColumn" : 46 + }, + "variableName" : "email" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "oLlz3KU+5+aYACbULjodQg", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.introduction/views.py.501", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 17, + "endColumn" : 46 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 495, + "endLine" : 495, + "code" : "email=request.GET.get('email')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "container" : "django.http.HttpResponse def Otp(request)", + "injectionPoint" : "email", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : 
"html.set_cookie(\"email\",email)", + "beginColumn" : 22, + "endColumn" : 31 + }, + "container" : "django.http.HttpResponse def Otp(request)", + "category" : "cookie_poisoning" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 495, + "endLine" : 495, + "code" : "email=request.GET.get('email')", + "beginColumn" : 9, + "endColumn" : 13 + }, + "variableName" : "email" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 507, + "endLine" : 507, + "code" : "html.set_cookie(\"email\",email)", + "beginColumn" : 41, + "endColumn" : 45 + }, + "variableName" : "email" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "4cVrn43yEOa4AbZTEM0ymw", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.introduction/views.py.507", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "python.cookie_poisoning", + "kind" : "injection", + "severity" : "high", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 21, + "endColumn" : 57 + }, + "language" : "python", + "codeFlows" : [ { + "frames" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1069, + "endLine" : 1069, + "code" : "username = request.POST[\"username\"]", + "beginColumn" : 13, + "endColumn" : 20 + }, + "container" : "django.http.HttpResponse def crypto_failure_lab3(request)", + "injectionPoint" : "username", + "category" : "external_input" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 30, + 
"endColumn" : 39 + }, + "container" : "django.http.HttpResponse def crypto_failure_lab3(request)", + "category" : "cookie_poisoning" + } ], + "dataPaths" : [ { + "kind" : "source", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1069, + "endLine" : 1069, + "code" : "username = request.POST[\"username\"]", + "beginColumn" : 13, + "endColumn" : 20 + }, + "variableName" : "username" + }, { + "kind" : "assign", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1074, + "endLine" : 1074, + "code" : "cookie = f\"{username}|{expire}\"", + "beginColumn" : 33, + "endColumn" : 40 + }, + "variableName" : "username" + }, { + "kind" : "sink", + "location" : { + "filepath" : "introduction/views.py", + "beginLine" : 1076, + "endLine" : 1076, + "code" : "response.set_cookie(\"cookie\", cookie)", + "beginColumn" : 51, + "endColumn" : 56 + }, + "variableName" : "cookie" + } ] + } ], + "confidence" : "high", + "cwes" : [ "CWE-472" ], + "tags" : [ "CWE:472", "in-app-code", "in-repo", "NIST.SP.800-53", "PCI-DSS:6.5.1" ], + "uniqueHash" : "ZIhHp9zNj7WLA/7TMdBzjQ", + "cwe" : 472, + "issueId" : "SAS.injection.python.cookie_poisoning.introduction/views.py.1076", + "explanation" : "Improper neutralization of external input stored into a cookie ('Cookie Poisoning')" + }, { + "detector" : "python.template_xss_protection_disabled", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "challenge/templates/challenge.html", + "beginLine" : 17, + "endLine" : 76, + "code" : "" + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ ], + "tags" : [ "in-app-code", "in-repo" ], + "uniqueHash" : "TTdOcivsbfM4Luh9bBCCNg", + "cwe" : 0, + "issueId" : "SAS.misconfiguration.python.template_xss_protection_disabled.introduction/templates/Lab/A9/a9_lab2.html.84", + "explanation" : "Embedded variables within JavaScript blocks may allow may expose your application to XSS vulnerabilities" + }, { + "detector" : 
"python.template_xss_protection_disabled", + "kind" : "misconfiguration", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab/ssrf/ssrf_lab2.html", + "beginLine" : 23, + "endLine" : 23, + "code" : "{{response | safe}}" + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ ], + "tags" : [ "in-app-code", "in-repo" ], + "uniqueHash" : "l5VSGa/toejB8VpdgQHQTg", + "cwe" : 0, + "issueId" : "SAS.misconfiguration.python.template_xss_protection_disabled.introduction/templates/Lab/ssrf/ssrf_lab2.html.23", + "explanation" : "Content marked as safe will not be escaped, potentially exposing your application to XSS vulnerabilities" + }, { + "detector" : "python.template_xss_protection_disabled", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/templates/base.html", + "beginLine" : 6, + "endLine" : 6, + "code" : "href=\"{{ url_for('static', filename='style.css') }}\"" + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ ], + "tags" : [ "in-app-code", "in-repo" ], + "uniqueHash" : "HjVPjgRHWEhKxciWzMNgBQ", + "cwe" : 0, + "issueId" : "SAS.misconfiguration.python.template_xss_protection_disabled.dockerized_labs/insec_des_lab/templates/base.html.6", + "explanation" : "Using template variables in href attributes may allow JavaScript URIs which may expose your application to XSS vulnerabilities" + }, { + "detector" : "python.template_xss_protection_disabled", + "kind" : "misconfiguration", + "severity" : "low", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/lab2.html", + "beginLine" : 11, + "endLine" : 11, + "code" : "{{username | safe}}" + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ ], + "tags" : [ "in-app-code", "in-repo" ], + "uniqueHash" : "G8AVf4R7bIKEkx7z6qbKNA", + "cwe" : 0, + "issueId" : 
"SAS.misconfiguration.python.template_xss_protection_disabled.introduction/templates/Lab_2021/A8_software_and_data_integrity_failure/lab2.html.11", + "explanation" : "Content marked as safe will not be escaped, potentially exposing your application to XSS vulnerabilities" + }, { + "detector" : "python.template_xss_protection_disabled", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "introduction/templates/Lab_2021/A3_Injection/ssti_lab.html", + "beginLine" : 13, + "endLine" : 13, + "code" : "href=blog/{{blog.blog_id}}" + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ ], + "tags" : [ "in-app-code", "in-repo" ], + "uniqueHash" : "A0zdZkrJgNAyvFfhrnGr7Q", + "cwe" : 0, + "issueId" : "SAS.misconfiguration.python.template_xss_protection_disabled.introduction/templates/Lab_2021/A3_Injection/ssti_lab.html.13", + "explanation" : "Using template variables in href attributes may allow JavaScript URIs which may expose your application to XSS vulnerabilities" + }, { + "detector" : "python.template_xss_protection_disabled", + "kind" : "misconfiguration", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/sensitive_data_exposure/templates/profile.html", + "beginLine" : 216, + "endLine" : 230, + "code" : "" + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ ], + "tags" : [ "in-app-code", "in-repo" ], + "uniqueHash" : "8afE62f14vAMkHnJboFqLA", + "cwe" : 0, + "issueId" : "SAS.misconfiguration.python.template_xss_protection_disabled.introduction/templates/Lab/XSS/xss_lab_3.html.20", + "explanation" : "Embedded variables within JavaScript blocks may allow may expose your application to XSS vulnerabilities" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/broken_auth_lab/app.py", + "beginLine" : 7, + "endLine" : 7, + "code" : "Flask(__name__)", + "beginColumn" : 7, + "endColumn" : 
21 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "e9Yvqw74K8Jg9oxMsesFbw", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.dockerized_labs/broken_auth_lab/app.py.7", + "explanation" : "flask_wtf CSRF protection has not been enabled for some of this Flask App controllers" + }, { + "detector" : "python.cross_site_request_forgery", + "kind" : "authentication", + "severity" : "high", + "location" : { + "filepath" : "dockerized_labs/insec_des_lab/main.py", + "beginLine" : 6, + "endLine" : 6, + "code" : "Flask(__name__)", + "beginColumn" : 7, + "endColumn" : 21 + }, + "language" : "python", + "confidence" : "high", + "cwes" : [ "CWE-352" ], + "tags" : [ "CWE:352", "in-app-code", "in-repo", "NIST.SP.800-53", "OWASP:2013:A8", "PCI-DSS:6.5.1" ], + "uniqueHash" : "LNE2bOFQ/vYo3Y4hATCktA", + "cwe" : 352, + "issueId" : "SAS.authentication.python.cross_site_request_forgery.dockerized_labs/insec_des_lab/main.py.6", + "explanation" : "flask_wtf CSRF protection has not been enabled for some of this Flask App controllers" + } ], + "statistics" : { + "files" : 203, + "vulnerabilities" : 501, + "filesByKind" : { + "html" : 117, + "python" : 80, + "javascript" : 5, + "ipynb" : 1 + }, + "vulnerabilitiesByKind" : { + "injection" : 268, + "misconfiguration" : 90, + "authentication" : 45, + "information_leak" : 40, + "access_control" : 38, + "resource_management" : 7, + "cryptography" : 4, + "predictability" : 3, + "risky_values" : 2, + "path_resolution" : 2, + "other" : 1, + "channel" : 1 + }, + "vulnerabilitiesByDetector" : { + "html.inline_javascript_event_handler" : 119, + "html.input_fields_without_validation_attributes" : 111, + "python.unsafe_cookie" : 58, + "html.missing_resource_integrity" : 30, + "python.cross_site_request_forgery" : 27, + "html.autocomplete_enabled_for_sensitive_fields" : 
22, + "html.forms_without_csrf_protection" : 18, + "python.template_xss_protection_disabled" : 13, + "python.observable_timing_discrepancy" : 9, + "python.http_splitting" : 9, + "python.cookie_poisoning" : 9, + "python.django_unsafe_session_configuration" : 8, + "python.external_request_dos" : 7, + "html.missing_tabnabbing_protection" : 6, + "python.django_unsafe_configuration" : 5, + "python.log_forging" : 4, + "python.information_exposure_through_error_message" : 4, + "python.hardcoded_cryptographic_key" : 3, + "python.cross_site_scripting" : 3, + "python.code_injection_deserialization" : 3, + "python.weak_hash_algorithm" : 3, + "python.insecure_parser" : 3, + "python.server_insecure_transport" : 2, + "python.sql_injection" : 2, + "python.code_injection" : 2, + "python.no_use_eval" : 2, + "python.flask_unsafe_configuration" : 2, + "python.plaintext_storage_in_cookie" : 2, + "python.path_traversal" : 2, + "html.javascript_protocol_urls" : 2, + "javascript.resource_injection" : 1, + "javascript.cross_site_scripting" : 1, + "html.missing_clickjacking_protection" : 1, + "python.weak_password_hash" : 1, + "python.user_controlled_primary_key" : 1, + "python.execution_after_redirect" : 1, + "html.unsafe_content_security_policy" : 1, + "python.command_injection" : 1, + "python.server_side_request_forgery" : 1, + "python.information_exposure_through_external_request" : 1, + "python.http_parameter_pollution" : 1 + }, + "vulnerabilitiesBySeverity" : { + "high" : 196, + "low" : 163, + "info" : 111, + "critical" : 31 + }, + "elapsedTime" : 4.946731683, + "linesScanned" : 0, + "detectors" : 576 + }, + "errors" : [ { + "description" : "io.xygeni.sast.scanner.parser.ParseException: \nEncountered an error at (or somewhere around) /home/lrodriguez/work/sast/pygoat/introduction/templates/Lab/CMD/cmd.html:65:27\nWas expecting one of the following:\nEOF\nFound string \"&& means and...\" of type ENTITY\n\tat io.xygeni.sast.scanner.parser.HtmlParser.parse(HtmlParser.java:25)\n\tat 
io.xygeni.sast.scanner.parser.HtmlParser.parse(HtmlParser.java:17)\n\tat io.xygeni.sast.scanner.engine.SastEngine.parseSourceFile(SastEngine.java:663)\n\tat io.xygeni.sast.scanner.engine.SastEngine.runFileTasksWithParser(SastEngine.java:609)\n\tat io.xygeni.sast.scanner.engine.SastEngine.lambda$runFileTasksWithParser$10(SastEngine.java:601)\n\t... 6 more\n", + "file" : "/home/lrodriguez/work/sast/pygoat/introduction/templates/Lab/CMD/cmd.html", + "fatal" : false, + "code" : "SAST-WARNING-001", + "detector" : "HtmlParser" + } ], + "issuesAssetMapping" : { + "links" : { }, + "userLinks" : { } + }, + "properties" : { }, + "currentBranch" : "origin/master" +} \ No newline at end of file diff --git a/unittests/scans/xygeni/sast_no_findings.json b/unittests/scans/xygeni/sast_no_findings.json new file mode 100644 index 00000000000..deacc28c9c8 --- /dev/null +++ b/unittests/scans/xygeni/sast_no_findings.json @@ -0,0 +1,16 @@ +{ + "metadata": { + "uuid": "00000000-0000-0000-0000-000000000000", + "timestamp": "2026-01-01T00:00:00Z", + "projectName": "empty-project", + "scanType": "sast", + "format": "sast-xygeni", + "reportProperties": { + "tool.name": "Xygeni", + "tool.version": "6.7.0" + } + }, + "rules": [], + "vulnerabilities": [], + "errors": [] +} diff --git a/unittests/scans/xygeni/sca_many_findings.json b/unittests/scans/xygeni/sca_many_findings.json new file mode 100644 index 00000000000..53b851e6b5f --- /dev/null +++ b/unittests/scans/xygeni/sca_many_findings.json 
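Review bot: `sast_no_findings.json` is a hand-crafted fixture (all-zero `uuid`, fixed `timestamp`, no `statistics` object) rather than a captured zero-finding run, so the empty-report test only proves that dispatch on `metadata.scanType` plus an empty `vulnerabilities` array are handled, not that the parser tolerates the full shape a real empty report carries. The genuine report that ends just above this hunk closes with `statistics`, an `errors` entry carrying an absolute `file` path and a Java stack trace in `description`, `issuesAssetMapping`, `properties` and `currentBranch`, none of which appear in this fixture; whether the parser touches any of those keys on the empty path cannot be told from this hunk. Consider regenerating this fixture from an actual zero-finding Xygeni scan (with the local `/home/...` paths scrubbed), or at minimum adding the `statistics` block, so the no-findings case exercises the same code paths as the populated one; the same applies to the `sca_no_findings.json` and `secrets_no_findings.json` fixtures listed in the diffstat if they were produced the same way.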
@@ -0,0 +1,11622 @@ +{ + "projectName" : "harekrishnarai/Damn-vulnerable-sca", + "directory" : "/home/lrodriguez/work/Damn-vulnerable-sca", + "includes" : "", + "excludes" : "**/target/**,**/node_modules/**,**/bower_components/**,**/.xygeni.*.baseline.json,**/.m2/**,**/dist/**,vendor/**,src/vendor/**", + "statistics" : { + "files" : 3, + "filesByKind" : { + "Maven Command Analyzer" : 2, + "Maven Analyzer" : 2, + "Npm Analyzer" : 1 + }, + "dependencies" : 275, + "depsByEcosystem" : { + "npm" : 196, + "maven" : 78, + "unknown" : 1 + }, + "elapsedTime" : 13.082845211, + "reachabilityElapsedTime" : 0.001003678 + }, + "dependencies" : [ { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "backend/pom.xml", + "group" : "com.acme.foo", + "name" : "springboot-app", + "version" : "0.0.1-SNAPSHOT", + "scope" : "", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "projectReferences" : [ "harekrishnarai/Damn-vulnerable-sca" ], + "paths" : { + "id" : 1, + "dependencyDescriptor" : "backend/pom.xml", + "parents" : [ 0 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 14, + "endLine" : 15, + "code" : "\tcom.acme.foo\n\tspringboot-app" + } ], + "directDependency" : true, + "currentProject" : true, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/xz-java-malicious/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "xz-java-malicious/pom.xml", + "description" : "Modified xz-java library for SCA security testing", + "licenses" : [ { + "name" : "Public Domain", + "url" : 
"https://www.example.com/license", + "confidence" : 1.0, + "licenseKind" : "Unknown" + } ], + "group" : "io.github.xz-java", + "name" : "xz-java", + "version" : "1.9.2", + "scope" : "", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "projectReferences" : [ "harekrishnarai/Damn-vulnerable-sca" ], + "paths" : { + "id" : 2, + "dependencyDescriptor" : "xz-java-malicious/pom.xml", + "parents" : [ 0 ], + "dependencyPaths" : [ "xz-java-malicious/pom.xml" ], + "locations" : [ { + "filepath" : "xz-java-malicious/pom.xml", + "beginLine" : 8, + "endLine" : 9, + "code" : " io.github.xz-java\n xz-java" + } ], + "directDependency" : true, + "currentProject" : true, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : false, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "package-lock.json", + "licenses" : [ { + "name" : "ISC", + "spdxId" : "ISC", + "url" : "https://www.isc.org/licenses/", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "damn-vulnerable-sca", + "version" : "1.0.0", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "projectReferences" : [ "harekrishnarai/Damn-vulnerable-sca" ], + "paths" : { + "id" : 79, + "dependencyDescriptor" : "package-lock.json", + "parents" : [ 0 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : true, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/xz-java-malicious/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : 
"library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.tukaani:xz:1.9", + "group" : "org.tukaani", + "name" : "xz", + "version" : "1.9", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 3, + "parents" : [ 2 ], + "dependencyPaths" : [ "xz-java-malicious/pom.xml" ], + "locations" : [ { + "filepath" : "xz-java-malicious/pom.xml", + "beginLine" : 25, + "endLine" : 26, + "code" : " org.tukaani\n xz" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/br.com.anteros:Anteros-Core:1.1.9", + "group" : "br.com.anteros", + "name" : "Anteros-Core", + "version" : "1.1.9", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 43, + "parents" : [ 1, 45 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 61, + "endLine" : 62, + "code" : "\t\t\tbr.com.anteros\n\t\t\tAnteros-Core" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/br.com.anteros:Anteros-DBCP:1.0.1", + "group" : "br.com.anteros", + "name" : "Anteros-DBCP", + "version" : "1.0.1", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + 
"hashes" : { }, + "paths" : { + "id" : 45, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 90, + "endLine" : 91, + "code" : "\t\t\tbr.com.anteros\n\t\t\tAnteros-DBCP" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.codahale.metrics:metrics-healthchecks:3.0.2", + "group" : "com.codahale.metrics", + "name" : "metrics-healthchecks", + "version" : "3.0.2", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 46, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 119, + "endLine" : 120, + "code" : "\t\t\tcom.codahale.metrics\n\t\t\tmetrics-healthchecks" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.fasterxml.jackson.core:jackson-annotations:2.9.10", + "group" : "com.fasterxml.jackson.core", + "name" : "jackson-annotations", + "version" : "2.9.10", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 9, + "parents" : [ 8, 12, 31, 30 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : 
false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.fasterxml.jackson.core:jackson-core:2.9.10", + "group" : "com.fasterxml.jackson.core", + "name" : "jackson-core", + "version" : "2.9.10", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 10, + "parents" : [ 8, 11, 12, 13, 57 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.fasterxml.jackson.core:jackson-databind:2.9.10.3", + "group" : "com.fasterxml.jackson.core", + "name" : "jackson-databind", + "version" : "2.9.10.3", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 8, + "parents" : [ 6, 11, 12, 13, 30 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + 
"fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.9.10", + "group" : "com.fasterxml.jackson.dataformat", + "name" : "jackson-dataformat-yaml", + "version" : "2.9.10", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 57, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 140, + "endLine" : 141, + "code" : "\t\t\tcom.fasterxml.jackson.dataformat\n\t\t\tjackson-dataformat-yaml" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.9.10", + "group" : "com.fasterxml.jackson.datatype", + "name" : "jackson-datatype-jdk8", + "version" : "2.9.10", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 11, + "parents" : [ 6, 31 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : 
"maven/com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.9.10", + "group" : "com.fasterxml.jackson.datatype", + "name" : "jackson-datatype-jsr310", + "version" : "2.9.10", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 12, + "parents" : [ 6 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.fasterxml.jackson.module:jackson-module-parameter-names:2.9.10", + "group" : "com.fasterxml.jackson.module", + "name" : "jackson-module-parameter-names", + "version" : "2.9.10", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 13, + "parents" : [ 6 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.fasterxml:classmate:1.4.0", + "group" : "com.fasterxml", + "name" : "classmate", + "version" : "1.4.0", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 22, + "parents" : [ 19 ], + 
"dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.jayway.jsonpath:json-path:2.4.0", + "group" : "com.jayway.jsonpath", + "name" : "json-path", + "version" : "2.4.0", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 61, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.unboundid:unboundid-ldapsdk:3.1.1", + "group" : "com.unboundid", + "name" : "unboundid-ldapsdk", + "version" : "3.1.1", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 41, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 47, + "endLine" : 48, + "code" : "\t\t\tcom.unboundid\n\t\t\tunboundid-ldapsdk" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : 
"/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/com.vaadin.external.google:android-json:0.0.20131108.vaadin1", + "group" : "com.vaadin.external.google", + "name" : "android-json", + "version" : "0.0.20131108.vaadin1", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 74, + "parents" : [ 73 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/javax.activation:javax.activation-api:1.2.0", + "group" : "javax.activation", + "name" : "javax.activation-api", + "version" : "1.2.0", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 78, + "parents" : [ 77 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/javax.annotation:javax.annotation-api:1.3.2", + "group" : "javax.annotation", + "name" : "javax.annotation-api", + "version" : "1.3.2", + "scope" 
: "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 15, + "parents" : [ 14, 5 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/javax.validation:validation-api:2.0.1.Final", + "group" : "javax.validation", + "name" : "validation-api", + "version" : "2.0.1.Final", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 20, + "parents" : [ 19 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/javax.xml.bind:jaxb-api:2.3.1", + "group" : "javax.xml.bind", + "name" : "jaxb-api", + "version" : "2.3.1", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 77, + "parents" : [ 76 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed 
automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/joda-time:joda-time:2.10.5", + "group" : "joda-time", + "name" : "joda-time", + "version" : "2.10.5", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 44, + "parents" : [ 43 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/junit:junit:4.12", + "group" : "junit", + "name" : "junit", + "version" : "4.12", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 65, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/net.bytebuddy:byte-buddy-agent:1.9.16", + "group" : "net.bytebuddy", + "name" : "byte-buddy-agent", + "version" : "1.9.16", + "scope" : "test", + "ecosystem" : "maven", + 
"hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 70, + "parents" : [ 68 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/net.bytebuddy:byte-buddy:1.9.16", + "group" : "net.bytebuddy", + "name" : "byte-buddy", + "version" : "1.9.16", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 69, + "parents" : [ 68 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/net.minidev:accessors-smart:1.2", + "group" : "net.minidev", + "name" : "accessors-smart", + "version" : "1.2", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 63, + "parents" : [ 62 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : 
"/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/net.minidev:json-smart:2.3", + "group" : "net.minidev", + "name" : "json-smart", + "version" : "2.3", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 62, + "parents" : [ 61 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.apache.logging.log4j:log4j-api:2.11.2", + "group" : "org.apache.logging.log4j", + "name" : "log4j-api", + "version" : "2.11.2", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 53, + "parents" : [ 52, 54, 55 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 79, + "endLine" : 80, + "code" : "\t\t\t\t\torg.apache.logging.log4j\n\t\t\t\t\tlog4j-api" + } ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : 
"maven/org.apache.logging.log4j:log4j-core:2.11.2", + "group" : "org.apache.logging.log4j", + "name" : "log4j-core", + "version" : "2.11.2", + "scope" : "runtime", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 54, + "parents" : [ 52, 51 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 84, + "endLine" : 85, + "code" : "\t\t\t\t\torg.apache.logging.log4j\n\t\t\t\t\tlog4j-core" + } ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.apache.logging.log4j:log4j-jul:2.11.2", + "group" : "org.apache.logging.log4j", + "name" : "log4j-jul", + "version" : "2.11.2", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 55, + "parents" : [ 51 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.apache.logging.log4j:log4j-slf4j-impl:2.11.2", + "group" : "org.apache.logging.log4j", + "name" : "log4j-slf4j-impl", + "version" : "2.11.2", + "scope" : "compile", + 
"ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 52, + "parents" : [ 51 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.apache.tomcat.embed:tomcat-embed-core:9.0.31", + "group" : "org.apache.tomcat.embed", + "name" : "tomcat-embed-core", + "version" : "9.0.31", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 16, + "parents" : [ 14, 18 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.apache.tomcat.embed:tomcat-embed-el:9.0.31", + "group" : "org.apache.tomcat.embed", + "name" : "tomcat-embed-el", + "version" : "9.0.31", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 17, + "parents" : [ 14 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive 
dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.apache.tomcat.embed:tomcat-embed-websocket:9.0.31", + "group" : "org.apache.tomcat.embed", + "name" : "tomcat-embed-websocket", + "version" : "9.0.31", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 18, + "parents" : [ 14 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.assertj:assertj-core:3.11.1", + "group" : "org.assertj", + "name" : "assertj-core", + "version" : "3.11.1", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 67, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.atteo:evo-inflector:1.2.2", + "group" : 
"org.atteo", + "name" : "evo-inflector", + "version" : "1.2.2", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 37, + "parents" : [ 31 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.hamcrest:hamcrest-core:1.3", + "group" : "org.hamcrest", + "name" : "hamcrest-core", + "version" : "1.3", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 66, + "parents" : [ 65, 58, 72 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.hamcrest:hamcrest-library:1.3", + "group" : "org.hamcrest", + "name" : "hamcrest-library", + "version" : "1.3", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 72, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : 
"Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.hibernate.validator:hibernate-validator:6.0.18.Final", + "group" : "org.hibernate.validator", + "name" : "hibernate-validator", + "version" : "6.0.18.Final", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 19, + "parents" : [ 4 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.jboss.logging:jboss-logging:3.3.3.Final", + "group" : "org.jboss.logging", + "name" : "jboss-logging", + "version" : "3.3.3.Final", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 21, + "parents" : [ 19 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : 
"maven/org.mockito:mockito-core:2.23.4", + "group" : "org.mockito", + "name" : "mockito-core", + "version" : "2.23.4", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 68, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.objenesis:objenesis:2.6", + "group" : "org.objenesis", + "name" : "objenesis", + "version" : "2.6", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 71, + "parents" : [ 68 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.ow2.asm:asm:5.0.4", + "group" : "org.ow2.asm", + "name" : "asm", + "version" : "5.0.4", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 64, + "parents" : [ 63 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : 
"Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.skyscreamer:jsonassert:1.5.0", + "group" : "org.skyscreamer", + "name" : "jsonassert", + "version" : "1.5.0", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 73, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.slf4j:jul-to-slf4j:1.7.30", + "group" : "org.slf4j", + "name" : "jul-to-slf4j", + "version" : "1.7.30", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 56, + "parents" : [ 51 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.slf4j:slf4j-api:1.7.30", + "group" : "org.slf4j", + "name" : "slf4j-api", + "version" : 
"1.7.30", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 34, + "parents" : [ 33, 35, 36, 31, 30, 45, 46, 52, 56, 61 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-autoconfigure:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-autoconfigure", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 48, + "parents" : [ 5, 60 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-starter-data-rest:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-starter-data-rest", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 29, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + 
"filepath" : "backend/pom.xml", + "beginLine" : 35, + "endLine" : 36, + "code" : "\t\t\torg.springframework.boot\n\t\t\tspring-boot-starter-data-rest" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-starter-json:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-starter-json", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 6, + "parents" : [ 4 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-starter-log4j2:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-starter-log4j2", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 51, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 134, + "endLine" : 135, + "code" : "\t\t\torg.springframework.boot\n\t\t\tspring-boot-starter-log4j2" + } ], + 
"directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-starter-test:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-starter-test", + "version" : "2.1.13.RELEASE", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 58, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 147, + "endLine" : 148, + "code" : "\t\t\torg.springframework.boot\n\t\t\tspring-boot-starter-test" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-starter-tomcat:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-starter-tomcat", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 14, + "parents" : [ 4 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + 
"actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-starter-web:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-starter-web", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 4, + "parents" : [ 1, 29, 38 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 31, + "endLine" : 32, + "code" : "\t\t\torg.springframework.boot\n\t\t\tspring-boot-starter-web" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-starter-websocket:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-starter-websocket", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 38, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 41, + "endLine" : 42, + "code" : "\t\t\torg.springframework.boot\n\t\t\tspring-boot-starter-websocket" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : 
"/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-starter:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-starter", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 5, + "parents" : [ 4, 6, 1, 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 124, + "endLine" : 125, + "code" : "\t\t\torg.springframework.boot\n\t\t\tspring-boot-starter" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot-test-autoconfigure:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-test-autoconfigure", + "version" : "2.1.13.RELEASE", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 60, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + 
"displayFileName" : "maven/org.springframework.boot:spring-boot-test:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot-test", + "version" : "2.1.13.RELEASE", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 59, + "parents" : [ 58, 60 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.boot:spring-boot:2.1.13.RELEASE", + "group" : "org.springframework.boot", + "name" : "spring-boot", + "version" : "2.1.13.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 47, + "parents" : [ 5, 48, 59 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.data:spring-data-commons:2.1.16.RELEASE", + "group" : "org.springframework.data", + "name" : "spring-data-commons", + "version" : "2.1.16.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 35, + 
"parents" : [ 31 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.data:spring-data-rest-core:3.1.16.RELEASE", + "group" : "org.springframework.data", + "name" : "spring-data-rest-core", + "version" : "3.1.16.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 31, + "parents" : [ 30 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.data:spring-data-rest-webmvc:3.1.16.RELEASE", + "group" : "org.springframework.data", + "name" : "spring-data-rest-webmvc", + "version" : "3.1.16.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 30, + "parents" : [ 29 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + 
}, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.hateoas:spring-hateoas:0.25.2.RELEASE", + "group" : "org.springframework.hateoas", + "name" : "spring-hateoas", + "version" : "0.25.2.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 33, + "parents" : [ 31 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework.plugin:spring-plugin-core:1.2.0.RELEASE", + "group" : "org.springframework.plugin", + "name" : "spring-plugin-core", + "version" : "1.2.0.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 36, + "parents" : [ 31 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : 
"maven/org.springframework:spring-aop:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-aop", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 26, + "parents" : [ 25, 27, 33, 36 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-beans:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-beans", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 23, + "parents" : [ 7, 26, 25, 27, 32, 33, 35, 36, 39 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-context:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-context", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 27, + "parents" : [ 25, 
33, 36, 40, 47 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-core:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-core", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 24, + "parents" : [ 23, 7, 26, 27, 25, 28, 32, 33, 35, 39, 40, 47, 5, 58, 75 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-expression:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-expression", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 28, + "parents" : [ 27, 25 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" 
+ }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-jcl:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-jcl", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 49, + "parents" : [ 24 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-messaging:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-messaging", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 39, + "parents" : [ 38 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-test:5.1.14.RELEASE", + 
"group" : "org.springframework", + "name" : "spring-test", + "version" : "5.1.14.RELEASE", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 75, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-tx:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-tx", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 32, + "parents" : [ 31 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-web:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-web", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 7, + "parents" : [ 6, 4, 25, 33, 40 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : 
false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-webmvc:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-webmvc", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 25, + "parents" : [ 4, 33, 30 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.springframework:spring-websocket:5.1.14.RELEASE", + "group" : "org.springframework", + "name" : "spring-websocket", + "version" : "5.1.14.RELEASE", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 40, + "parents" : [ 38 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, 
+ "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.tukaani:xz:1.9.2-malicious", + "group" : "org.tukaani", + "name" : "xz", + "version" : "1.9.2-malicious", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 42, + "parents" : [ 1 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "locations" : [ { + "filepath" : "backend/pom.xml", + "beginLine" : 54, + "endLine" : 55, + "code" : "\t\t\torg.tukaani\n\t\t\txz" + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.xmlunit:xmlunit-core:2.6.3", + "group" : "org.xmlunit", + "name" : "xmlunit-core", + "version" : "2.6.3", + "scope" : "test", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 76, + "parents" : [ 58 ], + "dependencyPaths" : [ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/backend/pom.xml", + "fileName" : "pom.xml", + "virtual" : false, + "type" : "library", + "language" : "java", + "repositoryType" : "Maven", + "displayFileName" : "maven/org.yaml:snakeyaml:1.23", + "group" : "org.yaml", + "name" : "snakeyaml", + "version" : "1.23", + "scope" : "compile", + "ecosystem" : "maven", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 50, + "parents" : [ 5, 57 ], + "dependencyPaths" : 
[ "backend/pom.xml" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/@types:babel-types:7.0.16", + "group" : "@types", + "name" : "babel-types", + "version" : "7.0.16", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 80, + "parents" : [ 81, 114 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/@types:babylon:6.16.9", + "group" : "@types", + "name" : "babylon", + "version" : "6.16.9", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 81, + "parents" : [ 114 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" 
: true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/abbrev:1.1.1", + "name" : "abbrev", + "version" : "1.1.1", + "scope" : "dev", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 82, + "parents" : [ 202 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/accepts:1.3.8", + "name" : "accepts", + "version" : "1.3.8", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 83, + "parents" : [ 139 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/acorn:4.0.13", + "name" : "acorn", + "version" : "4.0.13", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 84, + "parents" : [ 85, 171 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + 
"nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/acorn-globals:3.1.0", + "name" : "acorn-globals", + "version" : "3.1.0", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 85, + "parents" : [ 269 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/align-text:0.1.4", + "name" : "align-text", + "version" : "0.1.4", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 86, + "parents" : [ 107, 237 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/anymatch:3.1.3", + "name" : "anymatch", + "version" : "3.1.3", + "scope" : "dev", + 
"ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 87, + "parents" : [ 109 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/array-flatten:1.1.1", + "name" : "array-flatten", + "version" : "1.1.1", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 88, + "parents" : [ 139 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/asap:2.0.6", + "name" : "asap", + "version" : "2.0.6", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 89, + "parents" : [ 212 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : 
"/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/async:2.6.4", + "name" : "async", + "version" : "2.6.4", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 90, + "parents" : [ 156 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/async-limiter:1.0.1", + "name" : "async-limiter", + "version" : "1.0.1", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 91, + "parents" : [ 272 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/lodash:4.17.21", + "name" : "lodash", + "version" : "4.17.21", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 92, + "parents" : [ 90 ], + "dependencyPaths" : [ "package-lock.json" ], + 
"locations" : [ { + "filepath" : "package.json", + "beginLine" : 21, + "endLine" : 21, + "code" : "\"lodash\": \"4.17.11\"," + } ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/babel-runtime:6.26.0", + "name" : "babel-runtime", + "version" : "6.26.0", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 93, + "parents" : [ 94 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/babel-types:6.26.0", + "name" : "babel-types", + "version" : "6.26.0", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 94, + "parents" : [ 114 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : 
"/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/babylon:6.18.0", + "name" : "babylon", + "version" : "6.18.0", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 95, + "parents" : [ 114 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/balanced-match:1.0.2", + "name" : "balanced-match", + "version" : "1.0.2", + "scope" : "dev", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 96, + "parents" : [ 100 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/binary-extensions:2.2.0", + "name" : "binary-extensions", + "version" : "2.2.0", + "scope" : "dev", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 97, + "parents" : [ 168 ], + "dependencyPaths" : [ 
"package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/biskviit:1.0.1", + "name" : "biskviit", + "version" : "1.0.1", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 98, + "parents" : [ 142 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/body-parser:1.20.2", + "name" : "body-parser", + "version" : "1.20.2", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 99, + "parents" : [ 79 ], + "dependencyPaths" : [ "package-lock.json" ], + "locations" : [ { + "filepath" : "package.json", + "beginLine" : 13, + "endLine" : 13, + "code" : "\"body-parser\": \"^1.20.2\"," + } ], + "directDependency" : true, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "AUTO" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : 
"library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/brace-expansion:1.1.11", + "name" : "brace-expansion", + "version" : "1.1.11", + "scope" : "dev", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 100, + "parents" : [ 193 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/braces:3.0.3", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "braces", + "version" : "3.0.3", + "scope" : "dev", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 101, + "parents" : [ 109 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/bytes:3.1.2", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "bytes", + "version" : "3.1.2", + 
"scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 102, + "parents" : [ 99, 140, 141, 232 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/call-bind:1.0.6", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "call-bind", + "version" : "1.0.6", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 103, + "parents" : [ 247 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/call-bind-apply-helpers:1.0.2", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "call-bind-apply-helpers", + "version" : "1.0.2", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + 
"id" : 104, + "parents" : [ 105, 128, 152 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/call-bound:1.0.4", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "call-bound", + "version" : "1.0.4", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 105, + "parents" : [ 177 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/camelcase:1.2.1", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "camelcase", + "version" : "1.2.1", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 106, + "parents" : [ 274 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" 
: false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/center-align:0.1.3", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "center-align", + "version" : "0.1.3", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 107, + "parents" : [ 111 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/character-parser:2.2.0", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "character-parser", + "version" : "2.2.0", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 108, + "parents" : [ 223 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive 
dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/chokidar:3.6.0", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "chokidar", + "version" : "3.6.0", + "scope" : "dev", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 109, + "parents" : [ 199 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/clean-css:4.2.4", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "clean-css", + "version" : "4.2.4", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 110, + "parents" : [ 220 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : 
"/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/cliui:2.1.0", + "licenses" : [ { + "name" : "ISC", + "spdxId" : "ISC", + "url" : "https://www.isc.org/downloads/software-support-policy/isc-license/", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "cliui", + "version" : "2.1.0", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 111, + "parents" : [ 274 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/wordwrap:0.0.2", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "wordwrap", + "version" : "0.0.2", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 112, + "parents" : [ 111 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + 
"type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/concat-map:0.0.1", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "concat-map", + "version" : "0.0.1", + "scope" : "dev", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 113, + "parents" : [ 100 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/constantinople:3.1.2", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "constantinople", + "version" : "3.1.2", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 114, + "parents" : [ 217, 218, 220 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/content-disposition:0.5.4", + 
"licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "content-disposition", + "version" : "0.5.4", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 115, + "parents" : [ 139 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/content-type:1.0.5", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" : 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "content-type", + "version" : "1.0.5", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "paths" : { + "id" : 116, + "parents" : [ 99, 139, 140 ], + "dependencyPaths" : [ "package-lock.json" ], + "directDependency" : false, + "currentProject" : false, + "root" : false + }, + "remediable" : { + "remediableLevel" : "MANUAL", + "nonRemediableReason" : "Transitive dependency cannot be fixed automatically" + }, + "tags" : [ "in-app-code", "in-repo" ] + }, { + "actualFilePath" : "/home/lrodriguez/work/Damn-vulnerable-sca/package-lock.json", + "fileName" : "package-lock.json", + "virtual" : true, + "type" : "library", + "language" : "javascript", + "repositoryType" : "Npm", + "displayFileName" : "npm/cookie:0.5.0", + "licenses" : [ { + "name" : "MIT", + "spdxId" : "MIT", + "url" : "http://www.opensource.org/licenses/MIT", + "confidence" 
: 1.0, + "licenseKind" : "Permissive" + } ], + "name" : "cookie", + "version" : "0.5.0", + "scope" : "", + "ecosystem" : "npm", + "hierarchyResolved" : true, + "hashes" : { }, + "vulnerabilities" : [ { + "id" : "CVE-2024-47764", + "severity" : "low", + "cve" : "CVE-2024-47764", + "cwes" : [ ], + "identifiers" : { }, + "userId" : "CVE-2024-47764", + "source" : { + "name" : "OSV", + "url" : "https://nvd.nist.gov/vuln/detail/CVE-2024-47764" + }, + "versions" : [ { + "startVersion" : "0", + "versionStartExcluded" : false, + "endVersion" : "0.7.0", + "versionEndExcluded" : true + } ], + "fixedVersion" : "0.7.0", + "language" : "javascript", + "aliases" : [ "GHSA-pxg6-pf52-xh8x" ], + "uniqueHash" : "CVE-2024-47764#:cookie:0.5.0:javascript", + "affectedComponent" : ":cookie:0.5.0", + "references" : [ "[WEB](https://github.com/jshttp/cookie/security/advisories/GHSA-pxg6-pf52-xh8x)", "[WEB](https://github.com/jshttp/cookie/pull/167)", "[WEB](https://github.com/jshttp/cookie/commit/e10042845354fea83bd8f34af72475eed1dadf5c)", "[PACKAGE](https://github.com/jshttp/cookie)" ], + "name" : "CVE-2024-47764", + "description" : "### Impact\n\nThe cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. For example, `serialize(\"userName=; Max-Age=2592000; a\", value)` would result in `\"userName=; Max-Age=2592000; a=test\"`, setting `userName` cookie to `