Juliet Java 1.3 with extra support Test suite #109

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 61 Data flow: data returned from...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 66 Data flow: data passed in an ...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 67 Data flow: data passed in a c...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 68 Data flow: data passed as a m...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 71 Data flow: data passed as an ...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 72 Data flow: data passed in a V...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 73 Data flow: data passed in a L...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 74 Data flow: data passed in a H...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 75 Data flow: data passed in a s...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 81 Data flow: data passed in a p...

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 01 Baseline

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 02 Control flow: if(true) and if(false)

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 03 Control flow: if(5==5) and if(5!=5)

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 04 Control flow: if(PRIVATE_STATIC_FINAL_TRUE) and if(PRIVATE_ST...

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 05 Control flow: if(privateTrue) and if(privateFalse)

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 06 Control flow: if(PRIVATE_STATIC_FINAL_FIVE==5) and if(PRIVATE...

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 07 Control flow: if(privateFive==5) and if(privateFive!=5)

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 08 Control flow: if(privateReturnsTrue()) and if(privateReturnsF...

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 09 Control flow: if(IO.STATIC_FINAL_TRUE) and if(IO.STATIC_FINAL...

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 10 Control flow: if(IO.staticTrue) and if(IO.staticFalse)

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 11 Control flow: if(IO.staticReturnsTrue()) and if(IO.staticRetu...

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 12 Control flow: if(IO.staticReturnsTrueOrFalse())

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 13 Control flow: if(IO.STATIC_FINAL_FIVE==5) and if(IO.STATIC_FI...

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 14 Control flow: if(IO.staticFive==5) and if(IO.staticFive!=5)

CWE: 643 Xpath Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 15 Control flow: switch(6) and switch(7)