Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Veracode issue - LPWA js/utils/utils.js line 120 #1153

Open
skutner opened this issue Jan 10, 2023 · 1 comment
Open

Veracode issue - LPWA js/utils/utils.js line 120 #1153

skutner opened this issue Jan 10, 2023 · 1 comment
Assignees

Comments

@skutner
Copy link
Contributor

skutner commented Jan 10, 2023

URL Redirection to Untrusted Site ('Open Redirect')

Description: This call to href() contains a URL redirection to untrusted site flaw. Writing untrusted input into a URL value could cause the web application to redirect the request to the specified URL, leading to phishing attempts to steal user credentials.

Remediation: Always validate untrusted input to ensure that it conforms to the expected format, using centralized data validation routines when possible.

@skutner skutner changed the title Veracode issue - LPWA js/utils/utils.js Veracode issue - LPWA js/utils/utils.js line 120 Jan 10, 2023
@salboaie
Copy link
Member

Try to change teh site using window.location.pathname

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants