CX HTTP_Response_Splitting @ BookDetail_jsp2.java [master]

[cxflowtestuser]

HTTP_Response_Splitting issue exists @ BookDetail_jsp2.java in branch master

Method getParam at line 167 of BookDetail_jsp2.java gets user input from the paramName element. This element’s value then flows through the code without being properly sanitized or validated, and is eventually used in an HTTP response header in DetailAction at line 431 of BookDetail_jsp2.java. This may enable an HTTP Response Splitting attack, in certain older versions that do not mitigate this attack.

Severity: Medium

CWE:113

Vulnerability details and guidance

Internal Guidance

Checkmarx

Training
Recommended Fix

Lines: 168 409

---

Code (Line #168):

    String param = req.getParameter(paramName);

---

Code (Line #409):

        response.sendRedirect("Login.jsp?querystring=" + toURL(request.getQueryString()) + "&ret_page=" + toURL(request.getRequestURI()));

---

[cxflowtestuser]

Issue still exists.

SUMMARY

Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

[cxflowtestuser]

Issue still exists.

SUMMARY

Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

[cxflowtestuser]

Issue still exists.

SUMMARY

Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

[cxflowtestuser]

Issue still exists.

SUMMARY

Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

[cxflowtestuser]

Issue still exists.

SUMMARY

Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

[cxflowtestuser]

Issue still exists.

SUMMARY

Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)