CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 09 Control flow: if...

CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 08 Control flow: if...

CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 07 Control flow: if...

CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 06 Control flow: if...

CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 05 Control flow: if...

CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 04 Control flow: if...

CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 03 Control flow: if...

CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 02 Control flow: if...

CWE: 643 Unsafe Treatment of XPath Input BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 01 Baseline

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...

CWE: 643 Unsafe Treatment of XPath Input BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: unvalidatedXPath GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Varia...