VulnerableApp icon indicating copy to clipboard operation
VulnerableApp copied to clipboard

Published 20 hours ago verified publisher icon SasanLabs

Add 2-3 secured implementations for XXE vulnerability

Open preetkaran20 opened this issue 2 years ago • 2 comments

Is your feature request related to a problem? Please describe. As main target for Vulnerable App is scanners so we need to find out false positives by Scanners such that they can improve on there scan rules. So in order to find out the false positives, we need to add more secured implementations.

Describe the solution you'd like Add 2-3 more functions in https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/service/vulnerability/xxe/XXEVulnerability.java which are secure.

preetkaran20 avatar Oct 01 '22 13:10 preetkaran20

If this issue is not resolved yet, can I work on it?

Prince-1110 avatar Jan 31 '23 18:01 Prince-1110

@Prince-1110 yes, you can work on it. I think there are few secure implementations of this vulnerability present in the class but not marked as secure so you can mark them as secure as well.

preetkaran20 avatar Jan 31 '23 19:01 preetkaran20