Giters

checkmarx-ts / checkmarx-github-action

Checkmarx Scan Github Action

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[Checkmarx] JavaScript_Server_Side_Vulnerabilities - Use_Of_Hardcoded_Password : 179411921

github-actions opened this issue · comments

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in f10add5

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in f10add5

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in f10add5

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in f10add5

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000087
LOC: 7785
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000087&projectid=6
Scan Comment: git master@f10add5ac1d77a5e58704be089592fd1bd8d86c3
Scan Type: 00h:01m:08s
Scan Start Date: Wed Jun 17 2020 20:47:01 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:08s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000087
Result State: 0
Result Severity: Low
Result Status: New
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 089ec58

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 089ec58

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 089ec58

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 089ec58

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000088
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000088&projectid=6
Scan Comment: git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:01m:15s
Scan Start Date: Wed Jun 17 2020 20:52:33 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:15s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000088
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 907d048

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 907d048

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 907d048

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 907d048

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000089
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000089&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 21:03:31 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000089
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 92ae016

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 92ae016

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 92ae016

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 92ae016

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000090
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000090&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 21:05:32 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000090
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 1c03b7f

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 1c03b7f

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 1c03b7f

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 1c03b7f

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000091
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000091&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 9:58:12 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 21:58:12 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000091
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 812b663

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 812b663

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 812b663

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 812b663

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000092
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000092&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 10:03:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:58:12 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 22:03:52 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000092
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in ad6d56e

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in ad6d56e

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in ad6d56e

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in ad6d56e

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000093
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000093&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 10:15:14 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:03:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:58:12 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 22:15:14 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000093
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in f95e008

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in f95e008

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in f95e008

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in f95e008

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000094
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000094&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 10:18:11 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:15:14 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:03:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:58:12 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 22:18:11 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000094
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 9af92e3

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 9af92e3

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 9af92e3

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 9af92e3

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000095
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000095&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 10:22:54 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:18:11 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:15:14 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:03:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:58:12 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 22:22:54 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000095
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 54271de

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 54271de

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 54271de

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 54271de

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000096
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000096&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 10:25:33 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:22:54 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:18:11 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:15:14 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:03:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:58:12 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 22:25:33 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000096
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 3d11deb

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in 3d11deb

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 3d11deb

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in 3d11deb

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000097
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000097&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 10:39:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:25:33 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:22:54 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:18:11 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:15:14 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:03:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:58:12 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 22:39:52 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000097
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in ab571da

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in ab571da

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in ab571da

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in ab571da

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000098
LOC: 7788
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000098&projectid=6
Scan Comment: Attempt to perform scan on 6/17/2020 10:44:14 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:39:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:25:33 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:22:54 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:18:11 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:15:14 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 10:03:52 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:58:12 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:05:32 PM - No code changes were detected; Attempt to perform scan on 6/17/2020 9:03:31 PM - No code changes were detected; git master@089ec58769908e655ffcedb4ea15e2ef012b4266
Scan Type: 00h:00m:00s
Scan Start Date: Wed Jun 17 2020 22:44:14 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000098
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in bb9101e

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in bb9101e

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in bb9101e

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in bb9101e

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000099
LOC: 7791
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000099&projectid=6
Scan Comment: git master@bb9101ed82fa9485fe5c6677f5608c3a8c077f25
Scan Type: 00h:01m:09s
Scan Start Date: Thu Jun 18 2020 00:47:09 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:09s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000099
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in dcdc481

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in dcdc481

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in dcdc481

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in dcdc481

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000100
LOC: 7828
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000100&projectid=6
Scan Comment: git master@dcdc481650f55a150959def1a3ac895a0e57eb93
Scan Type: 00h:01m:15s
Scan Start Date: Thu Jun 18 2020 01:20:24 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:15s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000100
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html

commented

Low - Use_Of_Hardcoded_Password

0 Node - Line 7 - "cxPassword"

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in aa31a49

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

1 Node - Line 7 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 6 to 8 in aa31a49

const CX_USERNAME = "cxUsername"
const CX_PASSWORD = "cxPassword"
const CX_PROJECT = "cxProject"

2 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in aa31a49

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

3 Node - Line 193 - CX_PASSWORD

checkmarx-github-action/src/github/inputs.js

Lines 192 to 194 in aa31a49

CX_USERNAME: CX_USERNAME,
CX_PASSWORD: CX_PASSWORD,
CX_PROJECT: CX_PROJECT,

Comments
Miguel Freitas checkmarx-github-action-master, [Wednesday, June 17, 2020 8:52:26 PM]: Changed status to Not Exploitable

Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA

Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000134
LOC: 7828
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000134&projectid=6
Scan Comment: Attempt to perform scan on 6/23/2020 7:05:30 PM - No code changes were detected; git master@dcdc481650f55a150959def1a3ac895a0e57eb93
Scan Type: 00h:00m:00s
Scan Start Date: Tue Jun 23 2020 19:05:30 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:00m:00s
Source Origin: LocalPath
Visibility: Public

Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 179411921
Path ID: 2
Result ID: 1000134
Result State: 1
Result Severity: Low
Result Status: Recurrent
Result Assignee:

Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html