From 2b8c34b9012caf7559c1573b006eed9fab9f2cbb Mon Sep 17 00:00:00 2001
From: Mobb autofixer
Date: Mon, 25 Sep 2023 08:58:54 +0000
Subject: [PATCH 1/3] mobb fix commit: 22a658e9-6032-4dc6-b2e3-bd74c2fcfb99
---
 src/main/webapp/ForgotPassword.jsp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/main/webapp/ForgotPassword.jsp b/src/main/webapp/ForgotPassword.jsp
index b56f6cb..8c5c446 100644
--- a/src/main/webapp/ForgotPassword.jsp
+++ b/src/main/webapp/ForgotPassword.jsp
@@ -38,8 +38,10 @@ if(request.getParameter("secret")!=null)
 {
 Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
 ResultSet rs=null;
- Statement stmt = con.createStatement();
- rs=stmt.executeQuery("select * from users where username='"+request.getParameter("username").trim()+"' and secret='"+request.getParameter("secret")+"'");
+ PreparedStatement pstmt = con.prepareStatement("select * from users where username=? and secret=?");
+ pstmt.setString(1, request.getParameter("username").trim());
+ pstmt.setString(2, request.getParameter("secret"));
+ rs=pstmt.executeQuery();
 if(rs != null && rs.next()){
 out.print("Hello "+rs.getString("username")+", Your Password is: "+rs.getString("password"));
 }
From 49e8dfa3fcede8a540bfb16681249a79547c0d9c Mon Sep 17 00:00:00 2001
From: Mobb autofixer
Date: Mon, 25 Sep 2023 08:58:55 +0000
Subject: [PATCH 2/3] mobb fix commit: 96b05587-b15d-497c-addc-b7ed3cefdc15
---
 src/main/webapp/vulnerability/forum.jsp | 114 +++++++++++-------------
 1 file changed, 54 insertions(+), 60 deletions(-)
diff --git a/src/main/webapp/vulnerability/forum.jsp b/src/main/webapp/vulnerability/forum.jsp
index 6c71c00..bde9b05 100644
--- a/src/main/webapp/vulnerability/forum.jsp
+++ b/src/main/webapp/vulnerability/forum.jsp
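Review bot: In ForgotPassword.jsp the new `pstmt`, and the `rs` it returns, are never closed, so every lookup leaves a statement open on the connection; the `pstmt` added to change-info.jsp in patch 3/3 has the same leak. Opening it as `try (PreparedStatement pstmt = con.prepareStatement("select * from users where username=? and secret=?")) {` around the binds, the execute and the result check releases it on every path. `request.getParameter("username")` is still dereferenced with `.trim()` although the visible condition only null-checks `secret`, so a request without `username` throws instead of failing cleanly. Parameterising the query does not change what the context line does with a match: it still writes the stored `username` and `password` into the response unencoded. The enclosing scriptlet starts and ends outside the hunk.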
@@ -5,7 +5,7 @@ --%> <%@page import="java.sql.Connection"%> -<%@page import="java.sql.Statement"%> +<%@page import="java.sql.PreparedStatement"%> <%@page import="java.sql.SQLException"%> <%@page import="java.sql.ResultSetMetaData"%> @@ -18,65 +18,59 @@ <%@ include file="/header.jsp" %> <% - Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties")); - if(session.getAttribute("isLoggedIn")!=null && session.getAttribute("isLoggedIn").equals("1")) - { - out.print("Hello "+session.getAttribute("user")+", Welcome to Our Forum !"); - } - %> -

-

Create Post:

-
- Title :
- Message:
- " size="50"/>
- -
- +try (Connection con = new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"))) { + if (session.getAttribute("isLoggedIn") != null && session.getAttribute("isLoggedIn").equals("1")) { + out.print("Hello " + session.getAttribute("user") + ", Welcome to Our Forum !"); + } +} +%> +

+

Create Post:

+
+Title :
+Message:
+" size="50"/>
+ +

<% - - if(request.getParameter("post")!=null) - { - String user=request.getParameter("user"); - String content=request.getParameter("content"); - String title=request.getParameter("title"); - if(con!=null && !con.isClosed()) - { - Statement stmt = con.createStatement(); - //Posting Content - stmt.executeUpdate("INSERT into posts(content,title,user) values ('"+content+"','"+title+"','"+user+"')"); - out.print("Successfully posted"); - } - } - - %> -

List of Posts:

- <% - if(con!=null && !con.isClosed()) - { - Statement stmt = con.createStatement(); - ResultSet rs =null; - rs=stmt.executeQuery("select * from posts"); - out.println(""); - while (rs.next()) - { - out.print(""); - out.print(""); - out.print(""); - +if (request.getParameter("post") != null) { + String user = request.getParameter("user"); + String content = request.getParameter("content"); + String title = request.getParameter("title"); + if (con != null && !con.isClosed()) { + String query = "INSERT into posts(content,title,user) values (?,?,?)"; + try (PreparedStatement stmt = con.prepareStatement(query)) { + stmt.setString(1, content); + stmt.setString(2, title); + stmt.setString(3, user); + stmt.executeUpdate(); + out.print("Successfully posted"); + } + } +} +%> +

List of Posts:

+<% +if (con != null && !con.isClosed()) { + String query = "select * from posts"; + try (PreparedStatement stmt = con.prepareStatement(query)) { + ResultSet rs = stmt.executeQuery(); + out.println("
"+rs.getString("title")+" - Posted By "); - if(!rs.getString("user").equalsIgnoreCase("anonymous")) - { - out.print(""+rs.getString("user")+""); - } - else - { - out.print(rs.getString("user")); - } - out.println("
"); + while (rs.next()) { + out.print("");"); + out.print(""); + out.print("
" + rs.getString("title") + " - Posted By "); + if (!rs.getString("user").equalsIgnoreCase("anonymous")) { + out.print("" + rs.getString("user") + ""); + } else { + out.print(rs.getString("user")); } - out.println("
"); - } - out.print("
Forum Users list >>"); - %> - <%@ include file="/footer.jsp" %> \ No newline at end of file + out.println(""); + } + out.println(""); + } +} +out.print("
Forum Users list >>"); +%> +<%@ include file="/footer.jsp" %> \ No newline at end of file From 38b2868292d473285826dc3eb22b4c70f3b87913 Mon Sep 17 00:00:00 2001 From: Mobb autofixer Date: Mon, 25 Sep 2023 08:58:55 +0000 Subject: [PATCH 3/3] mobb fix commit: 214bf700-2ada-4df9-84e6-83813ca102c3 --- src/main/webapp/vulnerability/csrf/change-info.jsp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/main/webapp/vulnerability/csrf/change-info.jsp b/src/main/webapp/vulnerability/csrf/change-info.jsp index 9c27092..2e894da 100644 --- a/src/main/webapp/vulnerability/csrf/change-info.jsp +++ b/src/main/webapp/vulnerability/csrf/change-info.jsp @@ -27,8 +27,10 @@ if(session.getAttribute("isLoggedIn")!=null) String id=session.getAttribute("userid").toString(); if(info!=null && !info.equals("") && id!=null) { - Statement stmt = con.createStatement(); - stmt.executeUpdate("Update users set about='"+info+"' where id="+id); + PreparedStatement pstmt = con.prepareStatement("Update users set about=? where id=?"); + pstmt.setString(1, info); + pstmt.setString(2, id); + pstmt.executeUpdate(); out.print("info Changed"); }
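Review bot: In forum.jsp the try-with-resources that now declares `con` is closed by the `}` just before the first `%>`, so `con` is already closed and out of scope when the later scriptlets test `con != null && !con.isClosed()`; as written the page should fail to compile. Either drop that `}` and close the try in a final scriptlet after the users-list link, or declare `Connection con` before the try and close it in a `finally` at the end of the page. The `ResultSet` from `stmt.executeQuery()` is also left open, which `try (ResultSet rs = stmt.executeQuery()) {` would fix. The rewritten loop still concatenates `rs.getString("title")` and `rs.getString("user")` into the output as stored, so posted values appear to be rendered without HTML encoding; that is a separate fix from the query change.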
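Review bot: In change-info.jsp `id` is now bound with `pstmt.setString(2, id)`, whereas the old query compared it unquoted, as a number. If `users.id` is an integer column (the schema is not visible here), `pstmt.setInt(2, Integer.parseInt(id));` keeps the comparison typed and rejects a non-numeric session value before it reaches the database. The `id!=null` test in the context line cannot do useful work, because `session.getAttribute("userid").toString()` has already thrown if the attribute is missing. This patch changes no import lines, unlike the forum.jsp one, so confirm that `java.sql.PreparedStatement` is imported in this page and in ForgotPassword.jsp. The enclosing `if` block starts and ends outside the hunk.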