Session_Fixation @ /Login_jsp.java #68

@cx-nitzan-massader

Checkmarx (SAST): Session_Fixation
Security Issue: Read More about Session_Fixation
Applications: app
Checkmarx Project: AsafOrgTesting/BookStore_Public
Repository URL: https://github.com/AsafOrgTesting/BookStore_Public
Branch: master
Scan ID: 7109c3be-17ec-47a6-b583-8cc51a26fdc2


Method at line 480 of /Login_jsp.java performs user authentication without terminating existing sessions. This may enable Session Fixation.

Result 1:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:

    1. setAttribute: /Login_jsp.java[480,31]
    Review result in Checkmarx One: Session_Fixation

Result 2:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:

    1. setAttribute: /Login_jsp.java[479,31]
    Review result in Checkmarx One: Session_Fixation

Result 3:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:

    1. setAttribute: /Login_jsp.java[448,33]
    Review result in Checkmarx One: Session_Fixation

Result 4:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:

    1. setAttribute: /Login_jsp.java[446,33]
    Review result in Checkmarx One: Session_Fixation
