Checkmarx (SAST): CSRF
Security Issue: Read More about CSRF
Checkmarx Project: Nova-8/Damm-Vulnerable-CSharp-API
Repository URL: https://github.com/Nova-8/Damm-Vulnerable-CSharp-API
Branch: master
Scan ID: 2f22541b-da6c-459f-9285-99da61e0ed7d
Method Import at line 80 of /Controllers/ProductsController.cs gets a parameter from a user request from Import. This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).
Result 1:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:
1. Import: /Controllers/ProductsController.cs[80,28]
Review result in Checkmarx One: CSRF
Result 2:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:
1. Post: /Controllers/ProductsController.cs[32,28]
Review result in Checkmarx One: CSRF
Checkmarx (SAST): CSRF
Security Issue: Read More about CSRF
Checkmarx Project: Nova-8/Damm-Vulnerable-CSharp-API
Repository URL: https://github.com/Nova-8/Damm-Vulnerable-CSharp-API
Branch: master
Scan ID: 2f22541b-da6c-459f-9285-99da61e0ed7d
Method Import at line 80 of /Controllers/ProductsController.cs gets a parameter from a user request from Import. This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).
Result 1:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:
1. Import: /Controllers/ProductsController.cs[80,28]
Review result in Checkmarx One: CSRF
Result 2:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:
1. Post: /Controllers/ProductsController.cs[32,28]
Review result in Checkmarx One: CSRF