Code Security Report: 4 high severity findings, 14 total findings

[mend-for-github-com]

Code Security Report

Scan Metadata

Latest Scan: 2024-05-27 12:19pm
Total Findings: 14 | New Findings: 0 | Resolved Findings: 0
Tested Project Files: 451
Detected Programming Languages: 1 (JavaScript / TypeScript*)

• Check this box to manually trigger a scan

Most Relevant Findings

The list below presents the 10 most relevant findings that need your attention. To view information on the remaining findings, navigate to the Mend Application.

Severity	Vulnerability Type	CWE	File	Data Flows	Date
High	Cross-Site Scripting	CWE-79	index.js:14	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/echo/index.js Lines 9 to 14 in 1c09e8a res.setHeader('Content-Type', 'text/plain'); return res.send(req.body); }); router.post('/xml-parsed', (req, res) => { return res.send(req.body); 1 Data Flow/s detected bruno/packages/bruno-tests/src/echo/index.js Line 13 in 1c09e8a router.post('/xml-parsed', (req, res) => { Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Cross-Site Scripting Training ● Videos    ▪ Secure Code Warrior Cross-Site Scripting Video
High	Cross-Site Scripting	CWE-79	index.js:19	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/echo/index.js Lines 14 to 19 in 1c09e8a return res.send(req.body); }); router.post('/xml-raw', (req, res) => { res.setHeader('Content-Type', 'application/xml'); return res.send(req.rawBody); 1 Data Flow/s detected bruno/packages/bruno-tests/src/echo/index.js Line 17 in 1c09e8a router.post('/xml-raw', (req, res) => { Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Cross-Site Scripting Training ● Videos    ▪ Secure Code Warrior Cross-Site Scripting Video
High	Cross-Site Scripting	CWE-79	index.js:10	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/echo/index.js Lines 5 to 10 in 1c09e8a return res.json(req.body); }); router.post('/text', (req, res) => { res.setHeader('Content-Type', 'text/plain'); return res.send(req.body); 1 Data Flow/s detected bruno/packages/bruno-tests/src/echo/index.js Line 8 in 1c09e8a router.post('/text', (req, res) => { Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Cross-Site Scripting Training ● Videos    ▪ Secure Code Warrior Cross-Site Scripting Video
High	Cross-Site Scripting	CWE-79	authorizationCode.js:86	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Lines 81 to 86 in 1c09e8a <button id='authorize'>Authorize</button> </body> </html> `; res.send(_res); 1 Data Flow/s detected bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Line 27 in 1c09e8a router.get('/authorize', (req, res) => { bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Line 28 in 1c09e8a const { response_type, client_id, redirect_uri, code_challenge } = req.query; bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Line 52 in 1c09e8a const redirectUrl = `${redirect_uri}?code=${authorization_code}`; bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Line 61 in 1c09e8a const _res = ` bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Line 86 in 1c09e8a res.send(_res); Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Cross-Site Scripting Training ● Videos    ▪ Secure Code Warrior Cross-Site Scripting Video
Medium	Regex Denial of Service (ReDoS)	CWE-1333	index.js:9	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/index.js Lines 4 to 9 in 1c09e8a const cors = require('cors'); const multer = require('multer'); const app = new express(); const port = process.env.PORT || 8080; const upload = multer(); 1 Data Flow/s detected bruno/packages/bruno-tests/src/index.js Line 9 in 1c09e8a const upload = multer(); Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Regex Denial of Service (ReDoS) Training ● Videos    ▪ Secure Code Warrior Regex Denial of Service (ReDoS) Video
Medium	Hardcoded Password/Credentials	CWE-798	passwordCredentials.js:26	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/auth/oauth2/passwordCredentials.js Line 26 in 1c09e8a var token = jwt.sign({ username, password }, 'bruno'); Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Hardcoded Password/Credentials Training ● Videos    ▪ Secure Code Warrior Hardcoded Password/Credentials Video ● Further Reading    ▪ OWASP Top Ten 2017 A3: Sensitive Data Exposure    ▪ OWASP Top Ten Proactive Controls 2018 C8: Protect Data Everywhere    ▪ OWASP Top Ten 2021 A02: Cryptographic Failures
Low	Log Forging	CWE-117	clientCredentials.js:32	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/auth/oauth2/clientCredentials.js Lines 27 to 32 in 1c09e8a client_id = req?.headers?.client_id; client_secret = req?.headers?.client_secret; scope = req?.headers?.scope; } console.log('client_cred', client_id, client_secret, scope); 1 Data Flow/s detected bruno/packages/bruno-tests/src/auth/oauth2/clientCredentials.js Line 18 in 1c09e8a router.post('/token', (req, res) => { bruno/packages/bruno-tests/src/auth/oauth2/clientCredentials.js Line 22 in 1c09e8a client_id = req?.body?.client_id; bruno/packages/bruno-tests/src/auth/oauth2/clientCredentials.js Line 32 in 1c09e8a console.log('client_cred', client_id, client_secret, scope); Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Log Forging Training ● Videos    ▪ Secure Code Warrior Log Forging Video ● Further Reading    ▪ OWASP Log Forging
Low	Log Forging	CWE-117	authorizationCode.js:105	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Lines 100 to 105 in 1c09e8a return res.json({ message: 'Authorization successful', storedAuthCode }); }); router.post('/token', (req, res) => { console.log('authorization code token', req.body, req.headers); 1 Data Flow/s detected bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Line 104 in 1c09e8a router.post('/token', (req, res) => { Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Log Forging Training ● Videos    ▪ Secure Code Warrior Log Forging Video ● Further Reading    ▪ OWASP Log Forging
Low	Log Forging	CWE-117	authorizationCode.js:156	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Lines 151 to 156 in 1c09e8a res.json({ access_token: accessToken }); }); router.post('/resource', (req, res) => { try { console.log('authorization code resource', req.query, tokens); 1 Data Flow/s detected bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Line 154 in 1c09e8a router.post('/resource', (req, res) => { Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Log Forging Training ● Videos    ▪ Secure Code Warrior Log Forging Video ● Further Reading    ▪ OWASP Log Forging
Low	Log Forging	CWE-117	authorizationCode.js:29	1	2024-05-27 12:19pm
Vulnerable Code bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Lines 24 to 29 in 1c09e8a return base64Hash.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); }; router.get('/authorize', (req, res) => { const { response_type, client_id, redirect_uri, code_challenge } = req.query; console.log('authorization code authorize', req.query); 1 Data Flow/s detected bruno/packages/bruno-tests/src/auth/oauth2/authorizationCode.js Line 27 in 1c09e8a router.get('/authorize', (req, res) => { Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Log Forging Training ● Videos    ▪ Secure Code Warrior Log Forging Video ● Further Reading    ▪ OWASP Log Forging

Findings Overview

Severity	Vulnerability Type	CWE	Language	Count
High	Cross-Site Scripting	CWE-79	JavaScript / TypeScript*	4
Medium	Hardcoded Password/Credentials	CWE-798	JavaScript / TypeScript*	1
Medium	Regex Denial of Service (ReDoS)	CWE-1333	JavaScript / TypeScript*	1
Low	Cookie Without 'HttpOnly' Flag	CWE-1004	JavaScript / TypeScript*	1
Low	Log Forging	CWE-117	JavaScript / TypeScript*	6
Low	Sensitive Cookie Without Secure	CWE-614	JavaScript / TypeScript*	1