Giters

checkmarx-ts / checkmarx-github-action

Checkmarx Scan Github Action

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[Checkmarx] JavaScript_Server_Side_Vulnerabilities - Use_Of_Hardcoded_Password : 9964289711

miguelfreitas93 opened this issue · comments

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

1 Node - Line 30 - getInput

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

2 Node - Line 30 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

3 Node - Line 68 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

4 Node - Line 68 - trim

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

5 Node - Line 68 - password

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

6 Node - Line 209 - password

checkmarx-github-action/src/cxosa.js

Lines 208 to 210 in 7873b79

} else {
credentials = " -CxUser " + user + " -CxPassword " + password
}

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 3
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

1 Node - Line 30 - getInput

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

2 Node - Line 30 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

3 Node - Line 68 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

4 Node - Line 68 - trim

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

5 Node - Line 68 - password

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

6 Node - Line 209 - password

checkmarx-github-action/src/cxosa.js

Lines 208 to 210 in 7873b79

} else {
credentials = " -CxUser " + user + " -CxPassword " + password
}

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 2
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

1 Node - Line 30 - getInput

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

2 Node - Line 30 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

3 Node - Line 68 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

4 Node - Line 68 - trim

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

5 Node - Line 68 - password

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

6 Node - Line 209 - password

checkmarx-github-action/src/cxosa.js

Lines 208 to 210 in 7873b79

} else {
credentials = " -CxUser " + user + " -CxPassword " + password
}

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

1 Node - Line 30 - getInput

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

2 Node - Line 30 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

3 Node - Line 68 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

4 Node - Line 68 - trim

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

5 Node - Line 68 - password

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

6 Node - Line 209 - password

checkmarx-github-action/src/cxosa.js

Lines 208 to 210 in 7873b79

} else {
credentials = " -CxUser " + user + " -CxPassword " + password
}

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

1 Node - Line 30 - getInput

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

2 Node - Line 30 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

3 Node - Line 68 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

4 Node - Line 68 - trim

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

5 Node - Line 68 - password

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

6 Node - Line 209 - password

checkmarx-github-action/src/cxosa.js

Lines 208 to 210 in 7873b79

} else {
credentials = " -CxUser " + user + " -CxPassword " + password
}

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

1 Node - Line 30 - getInput

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

2 Node - Line 30 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

3 Node - Line 68 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

4 Node - Line 68 - trim

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

5 Node - Line 68 - password

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

6 Node - Line 209 - password

checkmarx-github-action/src/cxosa.js

Lines 208 to 210 in 7873b79

} else {
credentials = " -CxUser " + user + " -CxPassword " + password
}

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

1 Node - Line 30 - getInput

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

2 Node - Line 30 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 29 to 31 in 7873b79

let cxUsername = core.getInput('cxUsername', { required: false })
let cxPassword = core.getInput('cxPassword', { required: false })
let cxProject = core.getInput('cxProject', { required: false })

3 Node - Line 68 - cxPassword

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

4 Node - Line 68 - trim

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

5 Node - Line 68 - password

checkmarx-github-action/src/cxosa.js

Lines 67 to 69 in 7873b79

if (utils.isValidString(cxPassword)) {
password = cxPassword.trim()
} else {

6 Node - Line 209 - password

checkmarx-github-action/src/cxosa.js

Lines 208 to 210 in 7873b79

} else {
credentials = " -CxUser " + user + " -CxPassword " + password
}

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 30 - "cxPassword"
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

1 Node - Line 30 - getInput
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

2 Node - Line 30 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L29-L31

3 Node - Line 68 - cxPassword
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

4 Node - Line 68 - trim
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

5 Node - Line 68 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L67-L69

6 Node - Line 209 - password
https://github.com/checkmarx-ts/checkmarx-github-action/blob/facff162845a8332880e780f7cec71927aac746a/src/cxosa.js#L208-L210

Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:16 PM]: Changed severity to Low
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:55 PM]: Changed status to Urgent

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 9964289711
Path ID: 2
Result ID: 1000039
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html