CX CSRF @ src/main/webapp/admin/manageusers.jsp [refs/heads/master]

**CSRF** issue exists @ **src/main/webapp/admin/manageusers.jsp** in branch **refs/heads/master**

*Method user=request.getParameter at line 13 of src\main\webapp\admin\manageusers.jsp gets a parameter from a user request from &quot;&quot;user&quot;&quot;. This parameter value flows through the code and is eventually used to access application state altering functionality. This may enable Cross-Site Request Forgery (CSRF).*

Severity: Medium

CWE:352

[Vulnerability details and guidance](https://cwe.mitre.org/data/definitions/352.html)

[Checkmarx](https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1007325&projectid=1350&pathid=232)

[Training](null)
[Recommended Fix](https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=648&queryVersionCode=56758536&queryTitle=CSRF)

Lines: 13 

---
[Code (Line #13):](null#L13)
```
     String user=request.getParameter("user");      
```
---


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CX CSRF @ src/main/webapp/admin/manageusers.jsp [refs/heads/master] #195

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CX CSRF @ src/main/webapp/admin/manageusers.jsp [refs/heads/master] #195

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions