In src/java/com/example/acme/portal/resolver/core/DefaultResolverFactory.java on line 287, the deleteResolverWithPrefix method of the DefaultResolverFactory class is vulnerable to SQL injection through the user-controlled prefix parameter. It is possible to exploit this issue as a Contributor user through the Manage Resolvers functionality by adding a Resolver Prefix which contains a single quote (') followed by some SQL and then selecting Delete on the given resolver.
Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted into the user-supplied input. When used together with variable binding (also known as parameterized queries), this allows the database to distinguish between code and data, regardless of what user input is supplied.
src/java/com/example/acme/portal/resolver/core/DefaultResolverFactory.java
This Express application does not appear to use a known library or tool to protect against cross-site request forgery. Ensure that all actions and routes that modify data are either protected with anti-CSRF tokens, or are designed in such a way to eliminate CSRF risk.
Check if your framework has built-in CSRF protection and use it if possible. If it does not, add tokens to all state changing requests and validate them on the backend. The synchronizer token pattern is a common method for implementing this but requires server-side state. Alternatively, stateless token patterns based on encryption or HMACs using a secret key on the server can be used.
src/app.js