[Checkmarx] JavaScript_Server_Side_Vulnerabilities - Use_Of_Hardcoded_Password : 99642897
github-actions opened this issue · comments
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in facff16
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in facff16
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in facff16
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in facff16
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000052
LOC: 4604
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000052&projectid=6
Scan Comment: git master@facff162845a8332880e780f7cec71927aac746a
Scan Type: 00h:01m:12s
Scan Start Date: Mon Jun 15 2020 11:12:20 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:12s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000052
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
1 Node - Line 30 - getInput
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
2 Node - Line 30 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
3 Node - Line 67 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 66 to 68 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 63 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 62 to 64 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:43 PM]: Changed status to Not Exploitable
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 5
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
1 Node - Line 30 - getInput
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
2 Node - Line 30 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
3 Node - Line 67 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 66 to 68
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 66 to 68 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 63 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 62 to 64
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 62 to 64 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:43 PM]: Changed status to Not Exploitable
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 5
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
1 Node - Line 30 - getInput
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
2 Node - Line 30 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
3 Node - Line 67 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 66 to 68 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 63 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 62 to 64 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:43 PM]: Changed status to Not Exploitable
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 5
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
1 Node - Line 30 - getInput
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
2 Node - Line 30 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
3 Node - Line 67 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 66 to 68
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 66 to 68 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
1 Node - Line 30 - getInput
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
2 Node - Line 30 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 29 to 31
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
3 Node - Line 67 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 66 to 68
in
7873b79
checkmarx-github-action/src/cxosa.js
Lines 66 to 68 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83
in
7873b79
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
1 Node - Line 30 - getInput
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
2 Node - Line 30 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
3 Node - Line 67 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 66 to 68 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 63 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 62 to 64 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:43 PM]: Changed status to Not Exploitable
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 5
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
1 Node - Line 46 - getInput
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
2 Node - Line 46 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 45 to 47 in 7873b79
3 Node - Line 64 - cxPassword
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
4 Node - Line 64 - password
checkmarx-github-action/src/cxtoken.js
Lines 63 to 65 in 7873b79
5 Node - Line 82 - password
checkmarx-github-action/src/cxtoken.js
Lines 81 to 83 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
1 Node - Line 30 - getInput
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
2 Node - Line 30 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 29 to 31 in 7873b79
3 Node - Line 67 - cxPassword
checkmarx-github-action/src/cxosa.js
Lines 66 to 68 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
1 Node - Line 46 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
2 Node - Line 46 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
3 Node - Line 64 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L63-L65
4 Node - Line 64 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L63-L65
5 Node - Line 82 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L81-L83
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
1 Node - Line 36 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
2 Node - Line 36 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
3 Node - Line 78 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
4 Node - Line 78 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
5 Node - Line 78 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
6 Node - Line 260 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L259-L261
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
3 Node - Line 67 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L66-L68
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
1 Node - Line 46 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
2 Node - Line 46 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
3 Node - Line 63 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L62-L64
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:43 PM]: Changed status to Not Exploitable
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 5
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
1 Node - Line 36 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
2 Node - Line 36 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
3 Node - Line 78 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
4 Node - Line 78 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
5 Node - Line 78 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
6 Node - Line 260 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L259-L261
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
3 Node - Line 67 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L66-L68
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
1 Node - Line 46 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
2 Node - Line 46 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
3 Node - Line 63 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L62-L64
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:43 PM]: Changed status to Not Exploitable
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 5
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
1 Node - Line 46 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
2 Node - Line 46 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
3 Node - Line 64 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L63-L65
4 Node - Line 64 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L63-L65
5 Node - Line 82 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L81-L83
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
1 Node - Line 36 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
2 Node - Line 36 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
3 Node - Line 78 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
4 Node - Line 78 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
5 Node - Line 78 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
6 Node - Line 260 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L259-L261
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31
3 Node - Line 67 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L66-L68
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:47 PM]: Changed status to Confirmed
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 1
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
1 Node - Line 46 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
2 Node - Line 46 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
3 Node - Line 63 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L62-L64
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:43 PM]: Changed status to Not Exploitable
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 5
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:43 PM]: Changed status to Not Exploitable
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 5
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
High - Use_Of_Hardcoded_Password
0 Node - Line 46 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
1 Node - Line 46 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
2 Node - Line 46 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L45-L47
3 Node - Line 64 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L63-L65
4 Node - Line 64 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L63-L65
5 Node - Line 82 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxtoken.js#L81-L83
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:09 PM]: Changed severity to High
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 6
Result ID: 1000039
Result State: 0
Result Severity: High
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
1 Node - Line 36 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
2 Node - Line 36 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L35-L37
3 Node - Line 78 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
4 Node - Line 78 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
5 Node - Line 78 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L77-L79
6 Node - Line 260 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxsast.js#L259-L261
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in facff16
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in facff16
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in facff16
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in facff16
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000052
LOC: 4604
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000052&projectid=6
Scan Comment: git master@facff162845a8332880e780f7cec71927aac746a
Scan Type: 00h:01m:12s
Scan Start Date: Mon Jun 15 2020 11:12:20 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:12s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000052
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 45d3d81
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 45d3d81
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 45d3d81
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 45d3d81
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000053
LOC: 4864
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000053&projectid=6
Scan Comment: git master@45d3d81f8a4a7536cb55e971278506d824f50896
Scan Type: 00h:01m:02s
Scan Start Date: Mon Jun 15 2020 21:03:05 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:02s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000053
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 9ab0cc4
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 9ab0cc4
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 9ab0cc4
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 9ab0cc4
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000054
LOC: 4864
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000054&projectid=6
Scan Comment: Attempt to perform scan on 6/15/2020 9:18:11 PM - No code changes were detected; git master@45d3d81f8a4a7536cb55e971278506d824f50896
Scan Type: 00h:00m:00s
Scan Start Date: Mon Jun 15 2020 21:18:11 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000054
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in a69fc98
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in a69fc98
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in a69fc98
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in a69fc98
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000055
LOC: 4875
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000055&projectid=6
Scan Comment: git master@a69fc98d6babf437466c8ffecbac092ff99fec9d
Scan Type: 00h:01m:06s
Scan Start Date: Mon Jun 15 2020 22:45:25 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:06s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000055
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in ef64034
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in ef64034
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in ef64034
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in ef64034
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000056
LOC: 4887
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000056&projectid=6
Scan Comment: git master@ef64034c0268e46ec510444d1eec503d495abc37
Scan Type: 00h:01m:09s
Scan Start Date: Mon Jun 15 2020 22:54:02 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:09s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000056
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 3c46f83
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 3c46f83
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 3c46f83
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 3c46f83
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000057
LOC: 4887
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000057&projectid=6
Scan Comment: Attempt to perform scan on 6/15/2020 10:58:35 PM - No code changes were detected; git master@ef64034c0268e46ec510444d1eec503d495abc37
Scan Type: 00h:00m:00s
Scan Start Date: Mon Jun 15 2020 22:58:35 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000057
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 9054222
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 9054222
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 9054222
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 9054222
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000058
LOC: 4887
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000058&projectid=6
Scan Comment: Attempt to perform scan on 6/15/2020 11:06:36 PM - No code changes were detected; Attempt to perform scan on 6/15/2020 10:58:35 PM - No code changes were detected; git master@ef64034c0268e46ec510444d1eec503d495abc37
Scan Type: 00h:00m:00s
Scan Start Date: Mon Jun 15 2020 23:06:36 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000058
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 7250394
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 7250394
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 7250394
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 7250394
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000059
LOC: 4887
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000059&projectid=6
Scan Comment: Attempt to perform scan on 6/15/2020 11:10:36 PM - No code changes were detected; Attempt to perform scan on 6/15/2020 11:06:36 PM - No code changes were detected; Attempt to perform scan on 6/15/2020 10:58:35 PM - No code changes were detected; git master@ef64034c0268e46ec510444d1eec503d495abc37
Scan Type: 00h:00m:00s
Scan Start Date: Mon Jun 15 2020 23:10:36 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000059
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 9 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 690c046
1 Node - Line 9 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 8 to 10 in 690c046
2 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 690c046
3 Node - Line 181 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 180 to 182 in 690c046
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 22
Project Name: checkmarx-github-action-merge
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000060
LOC: 4891
Files Scanned: 13
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000060&projectid=22
Scan Comment: git merge@690c046a63e268fbb4cff992f05a308e0b3a223b
Scan Type: 00h:01m:06s
Scan Start Date: Mon Jun 15 2020 23:15:24 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:06s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000060
Result State: 0
Result Severity: Low
Result Status: New
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 7 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 6 to 8 in facff16
1 Node - Line 7 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 6 to 8 in facff16
2 Node - Line 192 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 191 to 193 in facff16
3 Node - Line 192 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 191 to 193 in facff16
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 23
Project Name: checkmarx-github-action-test_pull_request_feature-pull_169
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000061
LOC: 4903
Files Scanned: 14
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000061&projectid=23
Scan Comment: git merge@facff162845a8332880e780f7cec71927aac746a
Scan Type: 00h:01m:07s
Scan Start Date: Mon Jun 15 2020 23:28:04 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:07s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000061
Result State: 0
Result Severity: Low
Result Status: New
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 7 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 6 to 8 in facff16
1 Node - Line 7 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 6 to 8 in facff16
2 Node - Line 192 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 191 to 193 in facff16
3 Node - Line 192 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 191 to 193 in facff16
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 23
Project Name: checkmarx-github-action-test_pull_request_feature-pull_169
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000062
LOC: 4915
Files Scanned: 14
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000062&projectid=23
Scan Comment: git merge@facff162845a8332880e780f7cec71927aac746a
Scan Type: 00h:01m:16s
Scan Start Date: Mon Jun 15 2020 23:38:40 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000062
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html
Low - Use_Of_Hardcoded_Password
0 Node - Line 7 - "cxPassword"
checkmarx-github-action/src/github/inputs.js
Lines 6 to 8 in 6f2715a
1 Node - Line 7 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 6 to 8 in 6f2715a
2 Node - Line 192 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 191 to 193 in 6f2715a
3 Node - Line 192 - CX_PASSWORD
checkmarx-github-action/src/github/inputs.js
Lines 191 to 193 in 6f2715a
Comments
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 23
Project Name: checkmarx-github-action-test_pull_request_feature-pull_169
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000062
LOC: 4915
Files Scanned: 14
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000062&projectid=23
Scan Comment: git merge@facff162845a8332880e780f7cec71927aac746a
Scan Type: 00h:01m:16s
Scan Start Date: Mon Jun 15 2020 23:38:40 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 99642897
Path ID: 2
Result ID: 1000062
Result State: 0
Result Severity: Low
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html