ASP.NET Core MVC provides an HtmlString class whose content isn’t automatically encoded on output. It should never be used in combination with untrusted input, as this will expose an XSS vulnerability.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-116: Improper Encoding or Escaping of Output
OWASP:
- A03:2021 - Injection
xpath-injection
XPath queries are constructed dynamically from user-controlled input. This could lead to XPath injection.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-643: Improper Neutralization of Data within XPath Expressions (‘XPath Injection’)
OWASP:
- A03:2021 - Injection
open-directory-listing
An open directory listing is potentially exposed, which may reveal sensitive information to attackers.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-548: Exposure of Information Through Directory Listing
OWASP:
- A06:2017 - Security Misconfiguration
- A01:2021 - Broken Access Control
mass-assignment
A mass assignment or autobinding vulnerability in the code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
OWASP:
- A08:2021 - Software and Data Integrity Failures
misconfigured-lockout-option
A misconfigured lockout mechanism allows an attacker to execute brute-force attacks. Account lockout must be correctly configured and enabled to prevent these attacks.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-307: Improper Restriction of Excessive Authentication Attempts
OWASP:
- A07:2021 - Identification and Authentication Failures
missing-or-broken-authorization
Anonymous access shouldn’t be allowed unless it is explicit by design. Access control checks are missing and can potentially be bypassed. This finding violates the principle of least privilege, or deny by default, under which access should only be permitted for a specific set of roles or users, or when it conforms to a custom policy.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-862: Missing Authorization
OWASP:
- A01:2021 - Broken Access Control
ldap-injection
LDAP queries are constructed dynamically from user-controlled input. This could lead to arbitrary LDAP query execution.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-90: Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’)
OWASP:
- A01:2017 - Injection
- A03:2021 - Injection