Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-20403

Code Security Scan report

    XMLWordPrintable

Details

    • Security
    • Resolution: Invalid
    • Major
    • None
    • 13.10.10
    • Other
    • Unknown
    • N/A
    • N/A

    Description

       BugsType    COUNT LEVEL:
       Absolute Path Traversal 38 HIGH
       HTTP Response Splitting 38 HIGH
       Reflected XSS All Clients 34 HIGH
       Leftover Debug Code 12 HIGH
       Authorization Bypass Through User Controlled SQL PrimaryKey 2 HIGH
       Second Order SQL Injection 2 HIGH
       Blind SQL Injections 1 HIGH
       SQL Injection 1 HIGH
       Unchecked Input for Loop Condition 95 LOW
       HttpOnlyCookies 27 LOW

       

      FILE_NAME     EASY_ATTACK_COUNT
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformmodel/xwiki-platform-modelapi/src/main/java/org/xwiki/model/reference/EntityReference.java 81
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformlivedata/xwiki-platform-livedatalivetable/src/main/java/org/xwiki/livedata/internal/livetable/LiveTableRequest.java  52
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformmodel/xwiki-platform-modelapi/src/main/java/org/xwiki/model/internal/reference/DefaultReferenceDocumentReferenceResolver.java  52
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformoldcore/src/main/java/com/xpn/xwiki/XWiki.java 50
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformmodel/xwiki-platform-modelapi/src/main/java/org/xwiki/model/internal/reference/AbstractReferenceEntityReferenceResolver.java 50
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformoldcore/src/main/java/com/xpn/xwiki/internal/model/reference/Current
      GetDocumentDocumentReferenceResolver.java   34
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformoldcore/src/main/java/com/xpn/xwiki/internal/model/reference/AbstractCurrentGetReferenceResolver.java  34
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformmodel/xwiki-platform-modelapi/src/main/java/org/xwiki/model/internal/reference/PathStringDocumentReferenceResolver.java 27
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformoldcore/src/main/java/com/xpn/xwiki/XWikiContext.java 26
      /xwiki-platform-stable-13.10.x/xwiki-platform-core/xwiki-platformoldcore/src/main/java/com/xpn/xwiki/doc/XWikiDocument.java 21

      Attachments

        Activity

          People

            surli Simon Urli
            zhaoan cheng
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: