
SQL Injection vulnerability fix (powered by Mobb) #8

Open
eitanMobb wants to merge 1 commit into main from Mobb-fix-5a9ef

@eitanMobb
Owner

This change fixes a high severity (🚩) SQL Injection issue reported by Checkmarx.

Issue description

SQL Injection allows attackers to execute malicious SQL queries by manipulating input data. This can result in unauthorized access to sensitive data, data manipulation, or even complete database compromise.

Fix instructions

Use parameterized queries or prepared statements to sanitize user input and prevent manipulation of the SQL query.

More info and fix customization are available in the Mobb platform

@eitanMobb
Owner Author

Checkmarx One – Scan Summary & Details 08a9a6ab-617e-4759-aabf-4582d709f27f

New Issues

| Severity | Issue | Source File / Package | Checkmarx Insight |
| --- | --- | --- | --- |
| HIGH | CVE-2024-22262 | Maven-org.springframework:spring-web-6.0.13 | Vulnerable Package |
| HIGH | CVE-2024-31573 | Maven-org.xmlunit:xmlunit-core-2.9.1 | Vulnerable Package |

Fixed Issues

Severity Issue Source File / Package
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/jwt/js/jwt-voting.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/jwt/js/jwt-voting.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js: [17](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js# L17)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xxe/js/xxe.js: [72](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xxe/js/xxe.js# L72)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/sqlinjection/js/assignment13.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/sqlinjection/js/assignment13.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/csrf/js/csrf-review.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/csrf/js/csrf-review.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xss/js/stored-xss.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xss/js/stored-xss.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [46](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L46)
HIGH Client_DOM_Stored_XSS /src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js# L56)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [7](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L7)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/jwt/js/jwt-voting.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/jwt/js/jwt-voting.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js: [17](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js# L17)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xxe/js/xxe.js: [72](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xxe/js/xxe.js# L72)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/sqlinjection/js/assignment13.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/sqlinjection/js/assignment13.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/csrf/js/csrf-review.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/csrf/js/csrf-review.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xss/js/stored-xss.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xss/js/stored-xss.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [46](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L46)
HIGH Client_DOM_Stored_XSS /src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js# L56)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [7](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L7)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xss/js/stored-xss.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xss/js/stored-xss.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/jwt/js/jwt-voting.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/jwt/js/jwt-voting.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js: [17](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js# L17)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xxe/js/xxe.js: [72](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xxe/js/xxe.js# L72)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/sqlinjection/js/assignment13.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/sqlinjection/js/assignment13.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/csrf/js/csrf-review.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/csrf/js/csrf-review.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xss/js/stored-xss.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xss/js/stored-xss.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [46](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L46)
HIGH Client_DOM_Stored_XSS /src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js# L56)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [7](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L7)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [7](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L7)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/jwt/js/jwt-voting.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/jwt/js/jwt-voting.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js: [17](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js# L17)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xxe/js/xxe.js: [72](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xxe/js/xxe.js# L72)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/sqlinjection/js/assignment13.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/sqlinjection/js/assignment13.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/csrf/js/csrf-review.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/csrf/js/csrf-review.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xss/js/stored-xss.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xss/js/stored-xss.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [46](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L46)
HIGH Client_DOM_Stored_XSS /src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js# L56)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [46](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L46)
HIGH Client_DOM_Stored_XSS /src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js# L56)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xss/js/stored-xss.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xss/js/stored-xss.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/sqlinjection/js/assignment13.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/sqlinjection/js/assignment13.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [7](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L7)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/csrf/js/csrf-review.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/csrf/js/csrf-review.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js: [17](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js# L17)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xxe/js/xxe.js: [72](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xxe/js/xxe.js# L72)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/jwt/js/jwt-voting.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/jwt/js/jwt-voting.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/sqlinjection/js/assignment13.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/sqlinjection/js/assignment13.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [7](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L7)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/csrf/js/csrf-review.js: [35](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/csrf/js/csrf-review.js# L35)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/challenges/js/challenge8.js: [46](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/challenges/js/challenge8.js# L46)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/jwt/js/jwt-voting.js: [43](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/jwt/js/jwt-voting.js# L43)
HIGH Client_DOM_Stored_XSS /src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/webgoat/static/js/goatApp/support/GoatUtils.js# L56)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js: [17](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/clientsidefiltering/js/clientSideFiltering.js# L17)
HIGH Client_DOM_Stored_XSS /src/main/resources/lessons/xxe/js/xxe.js: [72](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/resources/lessons/xxe/js/xxe.js# L72)
HIGH Deserialization_of_Untrusted_Data /src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java: [49](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java# L49)
HIGH Deserialization_of_Untrusted_Data /src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java: [40](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java# L40)
HIGH Deserialization_of_Untrusted_Data /src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java: [40](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java# L40)
HIGH Deserialization_of_Untrusted_Data /src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java: [49](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java# L49)
HIGH Deserialization_of_Untrusted_Data /src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java: [49](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java# L49)
HIGH Deserialization_of_Untrusted_Data /src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java: [40](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java# L40)
HIGH Deserialization_of_Untrusted_Data /src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java: [40](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java# L40)
HIGH Deserialization_of_Untrusted_Data /src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java: [49](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java# L49)
HIGH Reflected_XSS_All_Clients /src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java: [98](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java# L98)
HIGH Reflected_XSS_All_Clients /src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java: [98](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java# L98)
HIGH Reflected_XSS_All_Clients /src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java: [98](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java# L98)
HIGH Reflected_XSS_All_Clients /src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java: [98](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java# L98)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [54](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L54)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [44](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L44)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [44](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L44)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java: [52](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java# L52)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java# L56)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java: [47](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java# L47)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java: [58](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java# L58)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java# L56)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java: [55](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java# L55)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java: [55](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java# L55)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java: [55](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java# L55)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java: [50](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java# L50)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java: [50](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java# L50)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5.java: [70](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5.java# L70)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson2.java: [58](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson2.java# L58)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallenge.java: [57](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallenge.java# L57)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson4.java: [54](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson4.java# L54)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson3.java: [53](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson3.java# L53)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java: [86](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java# L86)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [54](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L54)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [44](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L44)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [44](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L44)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java: [52](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java# L52)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java# L56)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java: [47](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java# L47)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java: [58](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java# L58)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java# L56)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java: [55](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java# L55)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java: [55](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java# L55)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java: [55](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java# L55)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java: [50](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java# L50)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java: [50](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java# L50)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5.java: [70](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5.java# L70)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson2.java: [58](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson2.java# L58)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallenge.java: [57](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallenge.java# L57)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson4.java: [54](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson4.java# L54)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson3.java: [53](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson3.java# L53)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java: [86](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java# L86)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [54](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L54)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [44](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L44)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [44](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L44)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java: [86](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java# L86)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java: [60](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java# L60)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java: [47](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java# L47)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java# L56)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java: [52](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java# L52)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java: [59](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java# L59)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [44](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L44)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java: [58](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java# L58)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [44](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L44)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java: [56](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java# L56)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/container/users/RegistrationController.java: [54](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/container/users/RegistrationController.java# L54)
HIGH SQL_Injection /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java: [55](https://github.com/eitanMobb/WebGoat/blob/Mobb-fix-5a9ef//src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java# L55)
HIGH

More results are available on AST platform
