Checkmarx (SAST): SSRF
Security Issue: Read More about SSRF
Checkmarx Project: Nova-8/Damm-Vulnerable-CSharp-API
Repository URL: https://github.com/Nova-8/Damm-Vulnerable-CSharp-API
Branch: master
Scan ID: 2f22541b-da6c-459f-9285-99da61e0ed7d
The application sends a request to a remote server, for some resource, using url in /Controllers/UsersController.cs:83. However, an attacker can control the target of the request, by sending a URL or other data in Query at /Controllers/UsersController.cs:77.
Result 1:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:
1. Query: /Controllers/UsersController.cs[77,40]
2. ToString: /Controllers/UsersController.cs[77,53]
3. url: /Controllers/UsersController.cs[77,14]
4. url: /Controllers/UsersController.cs[83,66]
Review result in Checkmarx One: SSRF
Checkmarx (SAST): SSRF
Security Issue: Read More about SSRF
Checkmarx Project: Nova-8/Damm-Vulnerable-CSharp-API
Repository URL: https://github.com/Nova-8/Damm-Vulnerable-CSharp-API
Branch: master
Scan ID: 2f22541b-da6c-459f-9285-99da61e0ed7d
The application sends a request to a remote server, for some resource, using url in /Controllers/UsersController.cs:83. However, an attacker can control the target of the request, by sending a URL or other data in Query at /Controllers/UsersController.cs:77.
Result 1:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:
1. Query: /Controllers/UsersController.cs[77,40]
2. ToString: /Controllers/UsersController.cs[77,53]
3. url: /Controllers/UsersController.cs[77,14]
4. url: /Controllers/UsersController.cs[83,66]
Review result in Checkmarx One: SSRF