Add SSTI, stored XSS, and SSRF vulnerability modules with Kotlin support #2
7 new alerts including 7 errors
New alerts in code changed by this pull request
- 7 errors
See annotations below for details.
Annotations
Check failure on line 29 in src/main/java/org/seqra/spring/content/MarketingTemplateService.java
Code scanning / OpenTaint
Unvalidated user data flows into template engine (Error)

Check failure on line 28 in src/main/java/org/seqra/spring/content/NotificationTemplateService.java
Code scanning / OpenTaint
Unvalidated user data flows into template engine (Error)

Check failure on line 30 in src/main/java/org/seqra/spring/content/TemplateRenderingService.java
Code scanning / OpenTaint
Unvalidated user data flows into template engine (Error)

Check failure on line 59 in src/main/java/org/seqra/spring/messaging/MessageController.java
Code scanning / OpenTaint
Potential cross-site scripting (XSS) (Error)

Check failure on line 98 in src/main/java/org/seqra/spring/messaging/MessageController.java
Code scanning / OpenTaint
Potential cross-site scripting (XSS) (Error)

Check failure on line 133 in src/main/java/org/seqra/spring/messaging/MessageController.java
Code scanning / OpenTaint
Potential cross-site scripting (XSS) (Error)

Check failure on line 33 in src/main/kotlin/org/seqra/spring/proxy/UrlFetchService.kt
Code scanning / OpenTaint
Potential server-side request forgery (SSRF) (Error)