Privacy_Violation @ /encode.frm #24

@cx-tamar-brenig

Checkmarx (SAST): Privacy_Violation
Security Issue: Read More about Privacy_Violation
Checkmarx Project: AsafOrgTesting/FlowListenerPublicRepo
Repository URL: https://github.com/AsafOrgTesting/FlowListenerPublicRepo
Branch: main
Scan ID: 2e34543b-886d-4d6e-a92b-ab98a7cee728


Method cmdunsafe_click at line 42 of /encode.frm sends user information outside the application. This may constitute a Privacy Violation.

Result #1:
Severity: MEDIUM
State: TO_VERIFY
Status: NEW
Attack Vector:

    1. password: /encode.frm[42,5]
    2. password: /encode.frm[47,30]
    3. query: /encode.frm[45,5]
    4. query: /encode.frm[48,21]
    5. text: /encode.frm[48,13]
    Review result in Checkmarx One: Privacy_Violation

Result #2:
Severity: MEDIUM
State: TO_VERIFY
Status: NEW
Attack Vector:

    1. password: /encode.frm[11,5]
    2. password: /encode.frm[16,30]
    3. query: /encode.frm[14,5]
    4. query: /encode.frm[17,21]
    5. text: /encode.frm[17,13]
    Review result in Checkmarx One: Privacy_Violation
