CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 42 Data flow: data returned from one method to another in the same class

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 41 Data flow: data passed as an argument from one method to another in th...

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 31 Data flow: make a copy of data within the same method

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 22 Control flow: Flow controlled by value of a public static variable. Si...

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 21 Control flow: Flow controlled by value of a private variable. All func...

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 17 Control flow: for loops

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 16 Control flow: while(true)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 15 Control flow: switch(6) and switch(7)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 14 Control flow: if(IO.staticFive==5) and if(IO.staticFive!=5)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 13 Control flow: if(IO.STATIC_FINAL_FIVE==5) and if(IO.STATIC_FINAL_FIVE!=5)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 12 Control flow: if(IO.staticReturnsTrueOrFalse())

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 11 Control flow: if(IO.staticReturnsTrue()) and if(IO.staticReturnsFalse())

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 10 Control flow: if(IO.staticTrue) and if(IO.staticFalse)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 09 Control flow: if(IO.STATIC_FINAL_TRUE) and if(IO.STATIC_FINAL_FALSE)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 08 Control flow: if(privateReturnsTrue()) and if(privateReturnsFalse())

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 07 Control flow: if(privateFive==5) and if(privateFive!=5)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 06 Control flow: if(PRIVATE_STATIC_FINAL_FIVE==5) and if(PRIVATE_STATIC_F...

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 05 Control flow: if(privateTrue) and if(privateFalse)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 04 Control flow: if(PRIVATE_STATIC_FINAL_TRUE) and if(PRIVATE_STATIC_FINA...

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 03 Control flow: if(5==5) and if(5!=5)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 02 Control flow: if(true) and if(false)

CWE: 113 HTTP Response Splitting BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: addCookieServlet GoodSink: URLEncode input BadSink : querystring to addCookie() Flow Variant: 01 Baseline

CWE: 113 HTTP Response Splitting BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 81 Data flow: data passed in a parameter ...

CWE: 113 HTTP Response Splitting BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 75 Data flow: data passed in a serialized...

CWE: 113 HTTP Response Splitting BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 74 Data flow: data passed in a HashMap fr...