@kadraman (Contributor) commented May 7, 2025

An example PR for what would happen if someone tried to merge some insecure code back into main

@kadraman self-assigned this May 7, 2025

String retContent = "User search using: " + keywords;

return ResponseEntity.ok().body(retContent);
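
Review bot: keywords is concatenated straight into retContent and returned as the response body with no output encoding, so any markup in keywords reaches the browser unchanged. If keywords is taken from the request, HTML-encode it before building the string (Spring's HtmlUtils.htmlEscape(keywords) would do), or return the body with Content-Type text/plain so the browser does not render it as HTML. A unit test that passes a value containing angle brackets and asserts on the encoded output would keep this from regressing.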

Check failure

Code scanning / Fortify on Demand

Cross-Site Scripting: Reflected (Critical)

The method getUserContent() in UserController.java sends unvalidated data to a web browser on line 173, which can result in the browser executing malicious code.

github-actions bot commented May 7, 2025

Test Results

219 tests  ±0   185 ✅ ±0   3s ⏱️ ±0s
 48 suites ±0    34 💤 ±0 
 48 files   ±0     0 ❌ ±0 

Results for commit 2f3578c. ± Comparison against base commit 293e05c.

github-actions bot left a comment

Fortify vulnerability summary

Any issues listed below are based on comparing the latest scan results against the previous scan results in FoD release IWA-Java [KAL] - merge-to-main#PR29. This is for informational purposes only and, depending on workflow, may not be an accurate representation of what issues will be introduced into or removed from the target branch when merging this PR.

New Issues

  • No new or re-introduced issues were detected

Removed Issues

  • No removed issues were detected
