CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 42 Data flow: data returned from one metho...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 41 Data flow: data passed as an argument f...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 31 Data flow: make a copy of data within t...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 19 Control flow: Dead code after an if(tru...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 17 Control flow: for loops

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 16 Control flow: while(true) and while(loc...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 15 Control flow: switch(6) and switch(7)

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 14 Control flow: if(IO.static_five==5) and...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 13 Control flow: if(IO.static_final_five==...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 12 Control flow: if(IO.static_returns_t_or...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 11 Control flow: if(IO.static_returns_t())...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 10 Control flow: if(IO.static_t) and if(IO...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 09 Control flow: if(IO.static_final_t) and...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 08 Control flow: if(private_returns_t()) a...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 07 Control flow: if(private_five==5) and i...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 06 Control flow: if(private_final_five==5)...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 05 Control flow: if(private_t) and if(priv...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 04 Control flow: if(private_final_t) and i...

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 03 Control flow: if(5==5) and if(5!=5)

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 02 Control flow: if(true) and if(false)

CWE: 352 Cross Site Request Forgery BadSource: getQueryStringServlet Parse id param out of the querystring without getParam GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 01 Baseline

CWE: 352 Cross Site Request Forgery BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 71 Data flow: data passed as an Object reference ar...

CWE: 352 Cross Site Request Forgery BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 68 Data flow: data passed as a member variable in t...

CWE: 352 Cross Site Request Forgery BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 67 Data flow: data passed in a class from one metho...

CWE: 352 Cross Site Request Forgery BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: GoodSink: using CSRF prevention nonce BadSink : no CSRF prevention token Flow Variant: 66 Data flow: data passed in an array from one meth...