CX Security_Misconfiguration @ app/routes/profile.js [master]

**Security_Misconfiguration** issue exists @ **app/routes/profile.js** in branch **master**

*The application takes&#160;sensitive, personal data&#160;ssn, found at line 20 of app\routes\profile.js, and stores it in an unprotected manner, without encryption, to anony1714282621var at line 42 of app\data\profile-dao.js.&#160;*

Severity: High
CWE:933
[Vulnerability details and guidance](https://cwe.mitre.org/data/definitions/933.html)
[Internal Guidance](https://custodela.atlassian.net/wiki/spaces/AS/pages/79462432/Remediation+Guidance)
Lines: [24](https://github.com/Custodela/NodeGoat//blob/master/app/routes/profile.js#L24) [25](https://github.com/Custodela/NodeGoat//blob/master/app/routes/profile.js#L25) 

---
[Code (Line #24):](https://github.com/Custodela/NodeGoat//blob/master/app/routes/profile.js#L24)
```
        var ssn = req.body.ssn;
```
---
[Code (Line #25):](https://github.com/Custodela/NodeGoat//blob/master/app/routes/profile.js#L25)
```
        var dob = req.body.dob;
```
---


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CX Security_Misconfiguration @ app/routes/profile.js [master] #8

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CX Security_Misconfiguration @ app/routes/profile.js [master] #8

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions