Audit
razor-use-of-htmlstring
razor-use-of-htmlstring
ASP.NET Core MVC provides an HtmlString class which isn’t automatically encoded upon output. This should never be used in combination with untrusted input as this will expose an XSS vulnerability.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-116: Improper Encoding or Escaping of Output
OWASP:
- A03:2021 - Injection
xpath-injection
xpath-injection
XPath queries are constructed dynamically on user-controlled input. This vulnerability in code could lead to an XPath Injection exploitation.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-643: Improper Neutralization of Data within XPath Expressions (‘XPath Injection’)
OWASP:
- A03:2021 - Injection
open-directory-listing
open-directory-listing
An open directory listing is potentially exposed, potentially revealing sensitive information to attackers.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-548: Exposure of Information Through Directory Listing
OWASP:
- A06:2017 - Security Misconfiguration
- A01:2021 - Broken Access Control
mass-assignment
mass-assignment
Mass assignment or Autobinding vulnerability in code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
OWASP:
- A08:2021 - Software and Data Integrity Failures
misconfigured-lockout-option
misconfigured-lockout-option
A misconfigured lockout mechanism allows an attacker to execute brute-force attacks. Account lockout must be correctly configured and enabled to prevent these attacks.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-307: Improper Restriction of Excessive Authentication Attempts
OWASP:
- A07:2021 - Identification and Authentication Failures
missing-or-broken-authorization
missing-or-broken-authorization
ldap-injection
ldap-injection
LDAP queries are constructed dynamically on user-controlled input. This vulnerability in code could lead to an arbitrary LDAP query execution.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-90: Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’)
OWASP:
- A01:2017 - Injection
- A03:2021 - Injection
Audit
razor-use-of-htmlstring
razor-use-of-htmlstring
ASP.NET Core MVC provides an HtmlString class which isn’t automatically encoded upon output. This should never be used in combination with untrusted input as this will expose an XSS vulnerability.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-116: Improper Encoding or Escaping of Output
OWASP:
- A03:2021 - Injection
xpath-injection
xpath-injection
XPath queries are constructed dynamically on user-controlled input. This vulnerability in code could lead to an XPath Injection exploitation.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-643: Improper Neutralization of Data within XPath Expressions (‘XPath Injection’)
OWASP:
- A03:2021 - Injection
open-directory-listing
open-directory-listing
An open directory listing is potentially exposed, potentially revealing sensitive information to attackers.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-548: Exposure of Information Through Directory Listing
OWASP:
- A06:2017 - Security Misconfiguration
- A01:2021 - Broken Access Control
mass-assignment
mass-assignment
Mass assignment or Autobinding vulnerability in code allows an attacker to execute over-posting attacks, which could create a new parameter in the binding request and manipulate the underlying object in the application.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
OWASP:
- A08:2021 - Software and Data Integrity Failures
misconfigured-lockout-option
misconfigured-lockout-option
A misconfigured lockout mechanism allows an attacker to execute brute-force attacks. Account lockout must be correctly configured and enabled to prevent these attacks.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-307: Improper Restriction of Excessive Authentication Attempts
OWASP:
- A07:2021 - Identification and Authentication Failures
missing-or-broken-authorization
missing-or-broken-authorization
ldap-injection
ldap-injection
LDAP queries are constructed dynamically on user-controlled input. This vulnerability in code could lead to an arbitrary LDAP query execution.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-90: Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’)
OWASP:
- A01:2017 - Injection
- A03:2021 - Injection